corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Backed out 7 changesets (bug 1802809, bug 1877717, bug 1403081, bug 1890883, bug 1877720) for causing localization checks failures in aboutLogins.ftl. CLOSED TREE

Browse Source 
Backed out changeset 62eeb65b23bd (bug 1877717)
Backed out changeset 4fde845a1182 (bug 1877717)
Backed out changeset d3124d383693 (bug 1877717)
Backed out changeset 344ac200b360 (bug 1802809)
Backed out changeset 754a1bf3b55e (bug 1877720)
Backed out changeset 961a1121017e (bug 1403081)
Backed out changeset 19b2252a4ccf (bug 1890883)
This commit is contained in:
Stanca Serban
2024-05-06 18:27:03 +03:00
parent 5e0913654a
commit fdfaad305b
45 changed files with 292 additions and 1116 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
browser/components/BrowserGlue.sys.mjs
View File

@@ -42,13 +42,11 @@ ChromeUtils.defineESModuleGetters(lazy, {
FeatureGate: "resource://featuregates/FeatureGate.sys.mjs",
FirefoxBridgeExtensionUtils:
"resource:///modules/FirefoxBridgeExtensionUtils.sys.mjs",
FormAutofillUtils: "resource://gre/modules/shared/FormAutofillUtils.sys.mjs",
FxAccounts: "resource://gre/modules/FxAccounts.sys.mjs",
HomePage: "resource:///modules/HomePage.sys.mjs",
Integration: "resource://gre/modules/Integration.sys.mjs",
Interactions: "resource:///modules/Interactions.sys.mjs",
LoginBreaches: "resource:///modules/LoginBreaches.sys.mjs",
LoginHelper: "resource://gre/modules/LoginHelper.sys.mjs",
MigrationUtils: "resource:///modules/MigrationUtils.sys.mjs",
NetUtil: "resource://gre/modules/NetUtil.sys.mjs",
NewTabUtils: "resource://gre/modules/NewTabUtils.sys.mjs",
@@ -4436,36 +4434,6 @@ BrowserGlue.prototype = {
Services.prefs.clearUserPref("browser.shell.customProtocolsRegistered");
}
}
if (currentUIVersion < 146) {
// We're securing the boolean prefs for OS Authentication.
// This is achieved by converting them into a string pref and encrypting the values
// stored inside it.
if (!AppConstants.NIGHTLY_BUILD) {
// We only perform pref migration for Beta and Release since for nightly we are
// enabling OSAuth (exiting functionality) for creditcards and passwords as defualt.
let ccReauthPrefValue = Services.prefs.getBoolPref(
"extensions.formautofill.reauth.enabled"
);
let pwdReauthPrefValue = Services.prefs.getBoolPref(
"signon.management.page.os-auth.enabled"
);
lazy.FormAutofillUtils.setOSAuthEnabled(
"extensions.formautofill.creditcards.reauth.optout",
ccReauthPrefValue
);
lazy.LoginHelper.setOSAuthEnabled(
"signon.management.page.os-auth.optout",
pwdReauthPrefValue
);
}
Services.prefs.clearUserPref("extensions.formautofill.reauth.enabled");
Services.prefs.clearUserPref("signon.management.page.os-auth.enabled");
}
// Update the migration version.
Services.prefs.setIntPref("browser.migration.version", UI_VERSION);
},

21
browser/components/aboutlogins/AboutLoginsParent.sys.mjs
View File

@@ -17,6 +17,7 @@ ChromeUtils.defineESModuleGetters(lazy, {
LoginExport: "resource://gre/modules/LoginExport.sys.mjs",
LoginHelper: "resource://gre/modules/LoginHelper.sys.mjs",
MigrationUtils: "resource:///modules/MigrationUtils.sys.mjs",
OSKeyStore: "resource://gre/modules/OSKeyStore.sys.mjs",
UIState: "resource://services-sync/UIState.sys.mjs",
});
@@ -35,6 +36,12 @@ XPCOMUtils.defineLazyPreferenceGetter(
"identity.fxaccounts.enabled",
false
);
XPCOMUtils.defineLazyPreferenceGetter(
lazy,
"OS_AUTH_ENABLED",
"signon.management.page.os-auth.enabled",
true
);
XPCOMUtils.defineLazyPreferenceGetter(
lazy,
"VULNERABLE_PASSWORDS_ENABLED",
@@ -259,15 +266,11 @@ export class AboutLoginsParent extends JSWindowActorParent {
let messageText = { value: "NOT SUPPORTED" };
let captionText = { value: "" };
const isOSAuthEnabled = lazy.LoginHelper.getOSAuthEnabled(
lazy.LoginHelper.OS_AUTH_FOR_PASSWORDS_PREF
);
// This feature is only supported on Windows and macOS
// but we still call in to OSKeyStore on Linux to get
// the proper auth_details for Telemetry.
// See bug 1614874 for Linux support.
if (isOSAuthEnabled) {
if (lazy.OS_AUTH_ENABLED && lazy.OSKeyStore.canReauth()) {
messageId += "-" + AppConstants.platform;
[messageText, captionText] = await lazy.AboutLoginsL10n.formatMessages([
{
@@ -281,7 +284,7 @@ export class AboutLoginsParent extends JSWindowActorParent {
let { isAuthorized, telemetryEvent } = await lazy.LoginHelper.requestReauth(
this.browsingContext.embedderElement,
isOSAuthEnabled,
lazy.OS_AUTH_ENABLED,
AboutLogins._authExpirationTime,
messageText.value,
captionText.value
@@ -375,15 +378,11 @@ export class AboutLoginsParent extends JSWindowActorParent {
let messageText = { value: "NOT SUPPORTED" };
let captionText = { value: "" };
const isOSAuthEnabled = lazy.LoginHelper.getOSAuthEnabled(
lazy.LoginHelper.OS_AUTH_FOR_PASSWORDS_PREF
);
// This feature is only supported on Windows and macOS
// but we still call in to OSKeyStore on Linux to get
// the proper auth_details for Telemetry.
// See bug 1614874 for Linux support.
if (isOSAuthEnabled) {
if (lazy.OSKeyStore.canReauth()) {
const messageId =
EXPORT_PASSWORD_OS_AUTH_DIALOG_MESSAGE_IDS[AppConstants.platform];
if (!messageId) {

1
browser/components/aboutlogins/tests/browser/browser.toml
View File

@@ -2,6 +2,7 @@
support-files = ["head.js"]
prefs = [
"signon.management.page.vulnerable-passwords.enabled=true",
"signon.management.page.os-auth.enabled=true",
"toolkit.telemetry.ipcBatchTimeout=10", # lower the interval for event telemetry in the content process to update the parent process
]
# Run first so content events from previous tests won't trickle in.

10
browser/components/aboutlogins/tests/browser/browser_aaa_eventTelemetry_run_first.js
View File

@@ -72,10 +72,7 @@ add_task(async function test_telemetry_events() {
await LoginTestUtils.telemetry.waitForEventCount(3);
if (OSKeyStoreTestUtils.canTestOSKeyStoreLogin()) {
let reauthObserved = Promise.resolve();
if (OSKeyStore.canReauth()) {
reauthObserved = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
let reauthObserved = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
let loginItem = content.document.querySelector("login-item");
let copyButton = loginItem.shadowRoot.querySelector(
@@ -109,12 +106,9 @@ add_task(async function test_telemetry_events() {
// Show the password
if (OSKeyStoreTestUtils.canTestOSKeyStoreLogin()) {
let reauthObserved = Promise.resolve();
if (OSKeyStore.canReauth()) {
reauthObserved = forceAuthTimeoutAndWaitForOSKeyStoreLogin({
let reauthObserved = forceAuthTimeoutAndWaitForOSKeyStoreLogin({
loginResult: true,
});
}
nextTelemetryEventCount++; // An extra event is observed for the reauth event.
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
let loginItem = content.document.querySelector("login-item");

6
browser/components/aboutlogins/tests/browser/browser_alertDismissedAfterChangingPassword.js
View File

@@ -104,13 +104,9 @@ add_task(async function test_added_login_shows_breach_warning() {
return;
}
let reauthObserved = Promise.resolve();
if (OSKeyStore.canReauth()) {
reauthObserved = forceAuthTimeoutAndWaitForOSKeyStoreLogin({
let reauthObserved = forceAuthTimeoutAndWaitForOSKeyStoreLogin({
loginResult: true,
});
}
// Change the password on the breached login and check that the
// login is no longer marked as breached. The vulnerable login
// should still be marked as vulnerable afterwards.

6
browser/components/aboutlogins/tests/browser/browser_contextmenuFillLogins.js
View File

@@ -32,10 +32,8 @@ if (OSKeyStoreTestUtils.canTestOSKeyStoreLogin()) {
gTests[gTests.length] = {
name: "test contextmenu on password field in edit login view",
async setup(browser) {
let osAuthDialogShown = Promise.resolve();
if (OSKeyStore.canReauth()) {
osAuthDialogShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
let osAuthDialogShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
// load up the edit login view
await SpecialPowers.spawn(
browser,

4
browser/components/aboutlogins/tests/browser/browser_copyToClipboardButton.js
View File

@@ -49,12 +49,10 @@ add_task(async function test() {
info(
"waiting for " + testObj.expectedValue + " to be placed on clipboard"
);
let reauthObserved = Promise.resolve();
let reauthObserved = true;
if (testObj.copyButtonSelector.includes("password")) {
if (OSKeyStore.canReauth()) {
reauthObserved = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
}
await SimpleTest.promiseClipboardChange(
testObj.expectedValue,

5
browser/components/aboutlogins/tests/browser/browser_createLogin.js
View File

@@ -232,12 +232,9 @@ add_task(async function test_create_login() {
continue;
}
let reauthObserved = Promise.resolve();
if (OSKeyStore.canReauth()) {
reauthObserved = forceAuthTimeoutAndWaitForOSKeyStoreLogin({
let reauthObserved = forceAuthTimeoutAndWaitForOSKeyStoreLogin({
loginResult: true,
});
}
await SpecialPowers.spawn(browser, [], async () => {
let loginItem = Cu.waiveXrays(
content.document.querySelector("login-item")

5
browser/components/aboutlogins/tests/browser/browser_deleteLogin.js
View File

@@ -71,10 +71,7 @@ add_task(async function test_login_item() {
}, "Waiting for login item to get populated");
Assert.ok(loginItemPopulated, "The login item should get populated");
});
let reauthObserved = Promise.resolve();
if (OSKeyStore.canReauth()) {
reauthObserved = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
let reauthObserved = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
await SpecialPowers.spawn(browser, [], async () => {
let loginItem = Cu.waiveXrays(
content.document.querySelector("login-item")

5
browser/components/aboutlogins/tests/browser/browser_loginItemErrors.js
View File

@@ -107,10 +107,7 @@ add_task(async function test_showLoginItemErrors() {
// The rest of the test uses Edit mode which causes an OS prompt in official builds.
return;
}
let reauthObserved = Promise.resolve();
if (OSKeyStore.canReauth()) {
reauthObserved = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
let reauthObserved = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
await SpecialPowers.spawn(
browser,
[[LoginHelper.loginToVanillaObject(LOGIN_TO_UPDATE), LOGIN_UPDATES]],

3
browser/components/aboutlogins/tests/browser/browser_openExport.js
View File

@@ -8,6 +8,9 @@
* Test the export logins file picker appears.
*/
let { OSKeyStore } = ChromeUtils.importESModule(
"resource://gre/modules/OSKeyStore.sys.mjs"
);
let { TelemetryTestUtils } = ChromeUtils.importESModule(
"resource://testing-common/TelemetryTestUtils.sys.mjs"
);

5
browser/components/aboutlogins/tests/browser/browser_openSite.js
View File

@@ -44,10 +44,7 @@ add_task(async function test_launch_login_item() {
gBrowser,
TEST_LOGIN1.origin + "/"
);
let reauthObserved = Promise.resolve();
if (OSKeyStore.canReauth()) {
reauthObserved = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
let reauthObserved = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
await SpecialPowers.spawn(browser, [], async () => {
let loginItem = Cu.waiveXrays(content.document.querySelector("login-item"));
loginItem._editButton.click();

458
browser/components/aboutlogins/tests/browser/browser_osAuthDialog.js
View File

@@ -1,251 +1,12 @@
/* Any copyright is dedicated to the Public Domain.
* http://creativecommons.org/publicdomain/zero/1.0/ */
"use strict";
// On mac, this test times out in chaos mode
requestLongerTimeout(2);
const PAGE_PREFS = "about:preferences";
const PAGE_PRIVACY = PAGE_PREFS + "#privacy";
const SELECTORS = {
reauthCheckbox: "#osReauthCheckbox",
};
add_setup(async function () {
TEST_LOGIN1 = await addLogin(TEST_LOGIN1);
TEST_LOGIN2 = await addLogin(TEST_LOGIN2);
});
add_task(async function test_os_auth_enabled_with_checkbox() {
let finalPrefPaneLoaded = TestUtils.topicObserved("sync-pane-loaded");
await BrowserTestUtils.withNewTab(
{ gBrowser, url: PAGE_PRIVACY },
async function (browser) {
await finalPrefPaneLoaded;
await SpecialPowers.spawn(browser, [SELECTORS], async selectors => {
is(
content.document.querySelector(selectors.reauthCheckbox).checked,
true,
"OSReauth for Passwords should be checked"
);
});
is(
LoginHelper.getOSAuthEnabled(PASSWORDS_OS_REAUTH_PREF),
true,
"OSAuth should be enabled."
);
}
);
});
add_task(async function test_os_auth_disabled_with_checkbox() {
let finalPrefPaneLoaded = TestUtils.topicObserved("sync-pane-loaded");
LoginHelper.setOSAuthEnabled(PASSWORDS_OS_REAUTH_PREF, false);
await BrowserTestUtils.withNewTab(
{ gBrowser, url: PAGE_PRIVACY },
async function (browser) {
await finalPrefPaneLoaded;
await SpecialPowers.spawn(browser, [SELECTORS], async selectors => {
is(
content.document.querySelector(selectors.reauthCheckbox).checked,
false,
"OSReauth for passwords should be unchecked"
);
});
is(
LoginHelper.getOSAuthEnabled(PASSWORDS_OS_REAUTH_PREF),
false,
"OSAuth should be disabled"
);
}
);
LoginHelper.setOSAuthEnabled(PASSWORDS_OS_REAUTH_PREF, true);
});
add_task(async function test_OSAuth_enabled_with_random_value_in_pref() {
let finalPrefPaneLoaded = TestUtils.topicObserved("sync-pane-loaded");
await SpecialPowers.pushPrefEnv({
set: [[PASSWORDS_OS_REAUTH_PREF, "poutine-gravy"]],
});
await BrowserTestUtils.withNewTab(
{ gBrowser, url: PAGE_PRIVACY },
async function (browser) {
await finalPrefPaneLoaded;
await SpecialPowers.spawn(browser, [SELECTORS], async selectors => {
let reauthCheckbox = content.document.querySelector(
selectors.reauthCheckbox
);
is(
reauthCheckbox.checked,
true,
"OSReauth for passwords should be checked"
);
});
is(
LoginHelper.getOSAuthEnabled(PASSWORDS_OS_REAUTH_PREF),
true,
"OSAuth should be enabled since the pref does not decrypt to 'opt out'."
);
}
);
});
add_task(async function test_osAuth_shown_on_edit_login() {
if (!OSKeyStoreTestUtils.canTestOSKeyStoreLogin()) {
Assert.ok(
true,
`skipping test since oskeystore cannot be automated in this environment`
);
return;
}
await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: "about:logins",
});
let osAuthDialogShown = Promise.resolve();
if (OSKeyStore.canReauth()) {
osAuthDialogShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
let loginItem = content.document.querySelector("login-item");
Assert.ok(
!loginItem.dataset.editing,
"Not in edit mode before clicking 'Edit'"
);
let editButton = loginItem.shadowRoot.querySelector("edit-button");
editButton.click();
});
await osAuthDialogShown;
info("OS auth dialog shown and authenticated");
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async () => {
await ContentTaskUtils.waitForCondition(
() => content.document.querySelector("login-item").dataset.editing,
"login item should be in 'edit' mode"
);
});
BrowserTestUtils.removeTab(gBrowser.selectedTab);
});
add_task(async function test_osAuth_shown_on_reveal_password() {
if (!OSKeyStoreTestUtils.canTestOSKeyStoreLogin()) {
Assert.ok(
true,
`skipping test since oskeystore cannot be automated in this environment`
);
return;
}
await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: "about:logins",
});
let osAuthDialogShown = Promise.resolve();
if (OSKeyStore.canReauth()) {
osAuthDialogShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
let loginItem = content.document.querySelector("login-item");
let revealCheckbox = loginItem.shadowRoot.querySelector(
".reveal-password-checkbox"
);
revealCheckbox.click();
});
await osAuthDialogShown;
info("OS auth dialog shown and authenticated");
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
let loginItem = content.document.querySelector("login-item");
let revealCheckbox = loginItem.shadowRoot.querySelector(
".reveal-password-checkbox"
);
Assert.ok(
revealCheckbox.checked,
"reveal checkbox should be checked if OS auth dialog authenticated"
);
});
BrowserTestUtils.removeTab(gBrowser.selectedTab);
});
add_task(async function test_osAuth_shown_on_copy_password() {
if (!OSKeyStoreTestUtils.canTestOSKeyStoreLogin()) {
Assert.ok(
true,
`skipping test since oskeystore cannot be automated in this environment`
);
return;
}
await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: "about:logins",
});
let osAuthDialogShown = Promise.resolve();
if (OSKeyStore.canReauth()) {
osAuthDialogShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
let loginItem = content.document.querySelector("login-item");
let copyPassword = loginItem.shadowRoot.querySelector(
"copy-password-button"
);
copyPassword.click();
});
await osAuthDialogShown;
info("OS auth dialog shown and authenticated");
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
info("Password was copied to clipboard");
});
BrowserTestUtils.removeTab(gBrowser.selectedTab);
});
add_task(async function test_osAuth_not_shown_within_expiration_time() {
if (!OSKeyStoreTestUtils.canTestOSKeyStoreLogin()) {
Assert.ok(
true,
`skipping test since oskeystore cannot be automated in this environment`
);
return;
}
await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: "about:logins",
});
let osAuthDialogShown = Promise.resolve();
if (OSKeyStore.canReauth()) {
osAuthDialogShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
let loginItem = content.document.querySelector("login-item");
let copyPassword = loginItem.shadowRoot.querySelector(
"copy-password-button"
);
copyPassword.click();
});
await osAuthDialogShown;
info("OS auth dialog shown and authenticated");
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
add_task(async function test() {
info(
"'Edit' shouldn't show the prompt since the user has authenticated now"
`updatechannel: ${UpdateUtils.getUpdateChannel(false)}; platform: ${
AppConstants.platform
}`
);
let loginItem = content.document.querySelector("login-item");
Assert.ok(
!loginItem.dataset.editing,
"Not in edit mode before clicking 'Edit'"
);
let editButton = loginItem.shadowRoot.querySelector("edit-button");
editButton.click();
await ContentTaskUtils.waitForCondition(
() => loginItem.dataset.editing,
"waiting for 'edit' mode"
);
Assert.ok(loginItem.dataset.editing, "In edit mode");
});
BrowserTestUtils.removeTab(gBrowser.selectedTab);
});
add_task(async function test_osAuth_shown_after_expiration_timeout() {
if (!OSKeyStoreTestUtils.canTestOSKeyStoreLogin()) {
Assert.ok(
true,
@@ -253,106 +14,20 @@ add_task(async function test_osAuth_shown_after_expiration_timeout() {
);
return;
}
TEST_LOGIN1 = await addLogin(TEST_LOGIN1);
await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: "about:logins",
});
let osAuthDialogShown = Promise.resolve();
if (OSKeyStore.canReauth()) {
osAuthDialogShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
let loginItem = content.document.querySelector("login-item");
let copyPassword = loginItem.shadowRoot.querySelector(
"copy-password-button"
);
copyPassword.click();
});
await osAuthDialogShown;
info("OS auth dialog shown and authenticated");
// Show OS auth dialog since the timeout will have expired
if (OSKeyStore.canReauth()) {
osAuthDialogShown = forceAuthTimeoutAndWaitForOSKeyStoreLogin({
loginResult: true,
});
}
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
let loginItem = content.document.querySelector("login-item");
let revealCheckbox = loginItem.shadowRoot.querySelector(
".reveal-password-checkbox"
);
revealCheckbox.click();
});
await osAuthDialogShown;
info("OS auth dialog shown and authenticated");
await BrowserTestUtils.removeTab(gBrowser.selectedTab);
});
add_task(async function test_osAuth_shown_on_reload() {
if (!OSKeyStoreTestUtils.canTestOSKeyStoreLogin()) {
Assert.ok(
true,
`skipping test since oskeystore cannot be automated in this environment`
);
return;
}
await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: "about:logins",
});
let osAuthDialogShown = Promise.resolve();
if (OSKeyStore.canReauth()) {
osAuthDialogShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
let loginItem = content.document.querySelector("login-item");
let copyPassword = loginItem.shadowRoot.querySelector(
"copy-password-button"
);
copyPassword.click();
});
await osAuthDialogShown;
info("OS auth dialog shown and authenticated");
info("Test that the OS auth prompt is shown after about:logins is reopened");
registerCleanupFunction(function () {
Services.logins.removeAllUserFacingLogins();
BrowserTestUtils.removeTab(gBrowser.selectedTab);
await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: "about:logins",
});
// Show OS auth dialog since the page has been reloaded.
osAuthDialogShown = Promise.resolve();
if (OSKeyStore.canReauth()) {
osAuthDialogShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
let loginItem = content.document.querySelector("login-item");
let revealCheckbox = loginItem.shadowRoot.querySelector(
".reveal-password-checkbox"
);
revealCheckbox.click();
});
await osAuthDialogShown;
info("OS auth dialog shown and authenticated");
BrowserTestUtils.removeTab(gBrowser.selectedTab);
});
add_task(async function test_osAuth_shown_again_on_cancel() {
if (!OSKeyStoreTestUtils.canTestOSKeyStoreLogin()) {
Assert.ok(
true,
`skipping test since oskeystore cannot be automated in this environment`
);
return;
}
await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: "about:logins",
});
// Show OS auth dialog when Reveal Password checkbox is checked if not on a new login
let osAuthDialogShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(false);
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
let loginItem = content.document.querySelector("login-item");
@@ -373,5 +48,118 @@ add_task(async function test_osAuth_shown_again_on_cancel() {
"reveal checkbox should be unchecked if OS auth dialog canceled"
);
});
osAuthDialogShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
let loginItem = content.document.querySelector("login-item");
let revealCheckbox = loginItem.shadowRoot.querySelector(
".reveal-password-checkbox"
);
revealCheckbox.click();
});
await osAuthDialogShown;
info("OS auth dialog shown and authenticated");
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
let loginItem = content.document.querySelector("login-item");
let revealCheckbox = loginItem.shadowRoot.querySelector(
".reveal-password-checkbox"
);
Assert.ok(
revealCheckbox.checked,
"reveal checkbox should be checked if OS auth dialog authenticated"
);
});
info("'Edit' shouldn't show the prompt since the user has authenticated now");
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
let loginItem = content.document.querySelector("login-item");
Assert.ok(
!loginItem.dataset.editing,
"Not in edit mode before clicking 'Edit'"
);
let editButton = loginItem.shadowRoot.querySelector("edit-button");
editButton.click();
await ContentTaskUtils.waitForCondition(
() => loginItem.dataset.editing,
"waiting for 'edit' mode"
);
Assert.ok(loginItem.dataset.editing, "In edit mode");
});
info("Test that the OS auth prompt is shown after about:logins is reopened");
BrowserTestUtils.removeTab(gBrowser.selectedTab);
await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: "about:logins",
});
// Show OS auth dialog since the page has been reloaded.
osAuthDialogShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(false);
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
let loginItem = content.document.querySelector("login-item");
let revealCheckbox = loginItem.shadowRoot.querySelector(
".reveal-password-checkbox"
);
revealCheckbox.click();
});
await osAuthDialogShown;
info("OS auth dialog shown and canceled");
// Show OS auth dialog since the previous attempt was canceled
osAuthDialogShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
let loginItem = content.document.querySelector("login-item");
let revealCheckbox = loginItem.shadowRoot.querySelector(
".reveal-password-checkbox"
);
revealCheckbox.click();
info("clicking on reveal checkbox to hide the password");
revealCheckbox.click();
});
await osAuthDialogShown;
info("OS auth dialog shown and passed");
// Show OS auth dialog since the timeout will have expired
osAuthDialogShown = forceAuthTimeoutAndWaitForOSKeyStoreLogin({
loginResult: true,
});
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
let loginItem = content.document.querySelector("login-item");
let revealCheckbox = loginItem.shadowRoot.querySelector(
".reveal-password-checkbox"
);
info("clicking on reveal checkbox to reveal password");
revealCheckbox.click();
});
info("waiting for os auth dialog");
await osAuthDialogShown;
info("OS auth dialog shown and passed after timeout expiration");
// Disable the OS auth feature and confirm the prompt doesn't appear
await SpecialPowers.pushPrefEnv({
set: [["signon.management.page.os-auth.enabled", false]],
});
info("Reload about:logins to reset the timeout");
BrowserTestUtils.removeTab(gBrowser.selectedTab);
await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: "about:logins",
});
info("'Edit' shouldn't show the prompt since the feature has been disabled");
await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
let loginItem = content.document.querySelector("login-item");
Assert.ok(
!loginItem.dataset.editing,
"Not in edit mode before clicking 'Edit'"
);
let editButton = loginItem.shadowRoot.querySelector("edit-button");
editButton.click();
await ContentTaskUtils.waitForCondition(
() => loginItem.dataset.editing,
"waiting for 'edit' mode"
);
Assert.ok(loginItem.dataset.editing, "In edit mode");
});
});

8
browser/components/aboutlogins/tests/browser/browser_removeAllDialog.js
View File

@@ -2,6 +2,8 @@
* http://creativecommons.org/publicdomain/zero/1.0/ */
/* eslint-disable mozilla/no-arbitrary-setTimeout */
const OS_REAUTH_PREF = "signon.management.page.os-auth.enabled";
async function openRemoveAllDialog(browser) {
await SimpleTest.promiseFocus(browser);
await BrowserTestUtils.synthesizeMouseAtCenter("menu-button", {}, browser);
@@ -78,7 +80,9 @@ async function waitForRemoveAllLogins() {
}
add_setup(async function () {
LoginHelper.setOSAuthEnabled(PASSWORDS_OS_REAUTH_PREF, false);
await SpecialPowers.pushPrefEnv({
set: [[OS_REAUTH_PREF, false]],
});
await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: "about:logins",
@@ -86,7 +90,7 @@ add_setup(async function () {
registerCleanupFunction(async () => {
BrowserTestUtils.removeTab(gBrowser.selectedTab);
Services.logins.removeAllUserFacingLogins();
LoginHelper.setOSAuthEnabled(PASSWORDS_OS_REAUTH_PREF, true);
await SpecialPowers.popPrefEnv();
});
TEST_LOGIN1 = await addLogin(TEST_LOGIN1);
});

13
browser/components/aboutlogins/tests/browser/browser_updateLogin.js
View File

@@ -124,10 +124,7 @@ add_task(async function test_login_item() {
}
let browser = gBrowser.selectedBrowser;
let reauthObserved = Promise.resolve();
if (OSKeyStore.canReauth()) {
reauthObserved = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
let reauthObserved = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
await SpecialPowers.spawn(
browser,
[LoginHelper.loginToVanillaObject(TEST_LOGIN1)],
@@ -166,11 +163,9 @@ add_task(async function test_login_item() {
],
test_discard_dialog
);
if (OSKeyStore.canReauth()) {
reauthObserved = forceAuthTimeoutAndWaitForOSKeyStoreLogin({
loginResult: true,
});
}
await SpecialPowers.spawn(browser, [], async () => {
let loginItem = Cu.waiveXrays(content.document.querySelector("login-item"));
let editButton = loginItem.shadowRoot
@@ -189,11 +184,9 @@ add_task(async function test_login_item() {
],
test_discard_dialog
);
if (OSKeyStore.canReauth()) {
reauthObserved = forceAuthTimeoutAndWaitForOSKeyStoreLogin({
loginResult: true,
});
}
await SpecialPowers.spawn(browser, [], async () => {
let loginItem = Cu.waiveXrays(content.document.querySelector("login-item"));
let editButton = loginItem.shadowRoot
@@ -296,11 +289,9 @@ add_task(async function test_login_item() {
);
}
);
if (OSKeyStore.canReauth()) {
reauthObserved = forceAuthTimeoutAndWaitForOSKeyStoreLogin({
loginResult: true,
});
}
await SpecialPowers.spawn(browser, [], async () => {
let loginItem = Cu.waiveXrays(content.document.querySelector("login-item"));
let editButton = loginItem.shadowRoot
@@ -369,11 +360,9 @@ add_task(async function test_login_item() {
"Password field width should be correctly updated"
);
});
if (OSKeyStore.canReauth()) {
reauthObserved = forceAuthTimeoutAndWaitForOSKeyStoreLogin({
loginResult: true,
});
}
await SpecialPowers.spawn(browser, [], async () => {
let loginItem = Cu.waiveXrays(content.document.querySelector("login-item"));
let editButton = loginItem.shadowRoot

20
browser/components/aboutlogins/tests/browser/head.js
View File

@@ -13,11 +13,6 @@ let { _AboutLogins } = ChromeUtils.importESModule(
let { OSKeyStoreTestUtils } = ChromeUtils.importESModule(
"resource://testing-common/OSKeyStoreTestUtils.sys.mjs"
);
const { OSKeyStore } = ChromeUtils.importESModule(
"resource://gre/modules/OSKeyStore.sys.mjs"
);
var { LoginTestUtils } = ChromeUtils.importESModule(
"resource://testing-common/LoginTestUtils.sys.mjs"
);
@@ -58,15 +53,6 @@ let TEST_LOGIN3 = new nsLoginInfo(
);
TEST_LOGIN3.QueryInterface(Ci.nsILoginMetaInfo).timePasswordChanged = 123456;
const PASSWORDS_OS_REAUTH_PREF = "signon.management.page.os-auth.optout";
const CryptoErrors = {
USER_CANCELED_PASSWORD: "User canceled primary password entry",
ENCRYPTION_FAILURE: "Couldn't encrypt string",
INVALID_ARG_ENCRYPT: "Need at least one plaintext to encrypt",
INVALID_ARG_DECRYPT: "Need at least one ciphertext to decrypt",
DECRYPTION_FAILURE: "Couldn't decrypt string",
};
async function addLogin(login) {
const result = await Services.logins.addLoginAsync(login);
registerCleanupFunction(() => {
@@ -167,12 +153,6 @@ add_setup(async function setup_head() {
// Ignore MarionetteEvents error (Bug 1730837, Bug 1710079).
return;
}
if (msg.errorMessage.includes(CryptoErrors.DECRYPTION_FAILURE)) {
// Ignore decyption errors, we want to test if decryption failed
// But we cannot use try / catch in the test to catch this for some reason
// Bug 1403081 and Bug 1877720
return;
}
Assert.ok(false, msg.message || msg.errorMessage);
});

6
browser/components/preferences/privacy.inc.xhtml
View File

@@ -551,12 +551,6 @@
/>
</hbox>
</vbox>
<vbox>
<hbox id="osReauthRow" align="center">
<checkbox id="osReauthCheckbox"
data-l10n-id="forms-os-reauth"/>
</hbox>
</vbox>
<vbox>
<hbox id="masterPasswordRow" align="center">
<checkbox id="useMasterPassword"

63
browser/components/preferences/privacy.js
View File

@@ -60,10 +60,6 @@ ChromeUtils.defineLazyGetter(this, "AlertsServiceDND", function () {
}
});
ChromeUtils.defineLazyGetter(lazy, "AboutLoginsL10n", () => {
return new Localization(["branding/brand.ftl", "browser/aboutLogins.ftl"]);
});
XPCOMUtils.defineLazyServiceGetter(
lazy,
"gParentalControlsService",
@@ -71,6 +67,13 @@ XPCOMUtils.defineLazyServiceGetter(
"nsIParentalControlsService"
);
XPCOMUtils.defineLazyPreferenceGetter(
this,
"OS_AUTH_ENABLED",
"signon.management.page.os-auth.enabled",
true
);
XPCOMUtils.defineLazyPreferenceGetter(
this,
"gIsFirstPartyIsolated",
@@ -1050,7 +1053,6 @@ var gPrivacyPane = {
this._initPasswordGenerationUI();
this._initRelayIntegrationUI();
this._initMasterPasswordUI();
this._initOSAuthentication();
this.initListenersForExtensionControllingPasswordManager();
@@ -2861,7 +2863,8 @@ var gPrivacyPane = {
// OS reauthenticate functionality is not available on Linux yet (bug 1527745)
if (
!LoginHelper.isPrimaryPasswordSet() &&
LoginHelper.getOSAuthEnabled(LoginHelper.OS_AUTH_FOR_PASSWORDS_PREF)
OS_AUTH_ENABLED &&
OSKeyStore.canReauth()
) {
// Uses primary-password-os-auth-dialog-message-win and
// primary-password-os-auth-dialog-message-macosx via concatenation:
@@ -2958,54 +2961,6 @@ var gPrivacyPane = {
this._updateRelayIntegrationUI();
},
async _toggleOSAuth() {
let osReauthCheckbox = document.getElementById("osReauthCheckbox");
const messageText = await lazy.AboutLoginsL10n.formatValue(
"about-logins-os-auth-dialog-message"
);
const captionText = await lazy.AboutLoginsL10n.formatValue(
"about-logins-os-auth-dialog-caption"
);
let win =
osReauthCheckbox.ownerGlobal.docShell.chromeEventHandler.ownerGlobal;
// Calling OSKeyStore.ensureLoggedIn() instead of LoginHelper.verifyOSAuth()
// since we want to authenticate user each time this stting is changed.
let isAuthorized = (
await OSKeyStore.ensureLoggedIn(messageText, captionText, win, false)
).authenticated;
if (!isAuthorized) {
osReauthCheckbox.checked = !osReauthCheckbox.checked;
return;
}
// If osReauthCheckbox is checked enable osauth.
LoginHelper.setOSAuthEnabled(
LoginHelper.OS_AUTH_FOR_PASSWORDS_PREF,
osReauthCheckbox.checked
);
},
_initOSAuthentication() {
let osReauthCheckbox = document.getElementById("osReauthCheckbox");
if (!OSKeyStore.canReauth()) {
osReauthCheckbox.hidden = true;
return;
}
osReauthCheckbox.setAttribute(
"checked",
LoginHelper.getOSAuthEnabled(LoginHelper.OS_AUTH_FOR_PASSWORDS_PREF)
);
setEventListener(
"osReauthCheckbox",
"command",
gPrivacyPane._toggleOSAuth.bind(gPrivacyPane)
);
},
/**
* Shows the sites where the user has saved passwords and the associated login
* information.

6
browser/extensions/formautofill/content/manageDialog.mjs
View File

@@ -379,14 +379,14 @@ export class ManageCreditCards extends ManageRecords {
"autofill-edit-payment-method-os-prompt-other"
);
const verified = await lazy.FormAutofillUtils.verifyUserOSAuth(
FormAutofill.AUTOFILL_CREDITCARDS_REAUTH_PREF,
const loggedIn = await lazy.FormAutofillUtils.ensureLoggedIn(
promptMessage
);
if (!verified) {
if (!loggedIn.authenticated) {
return;
}
}
let decryptedCCNumObj = {};
if (creditCard && creditCard["cc-number-encrypted"]) {
try {

4
browser/extensions/formautofill/test/browser/browser_editAddressDialog.js
View File

@@ -1,5 +1,9 @@
"use strict";
const { FormAutofillUtils } = ChromeUtils.importESModule(
"resource://gre/modules/shared/FormAutofillUtils.sys.mjs"
);
const { FormAutofill } = ChromeUtils.importESModule(
"resource://autofill/FormAutofill.sys.mjs"
);

4
browser/extensions/formautofill/test/browser/creditCard/browser.toml
View File

@@ -1,6 +1,7 @@
[DEFAULT]
prefs = [
"extensions.formautofill.creditCards.enabled=true",
"extensions.formautofill.reauth.enabled=true",
"toolkit.telemetry.ipcBatchTimeout=0", # lower the interval for event telemetry in the content process to update the parent process
]
support-files = [
@@ -101,9 +102,6 @@ skip-if = ["apple_silicon && !debug"] # Bug 1714221
["browser_creditCard_heuristics_cc_type.js"]
skip-if = ["apple_silicon && !debug"] # Bug 1714221
["browser_creditCard_osAuth.js"]
skip-if = ["os == 'linux'"]
["browser_creditCard_submission_autodetect_type.js"]
skip-if = ["apple_silicon && !debug"]

18
browser/extensions/formautofill/test/browser/creditCard/browser_anti_clickjacking.js
View File

@@ -26,12 +26,11 @@ add_task(async function test_active_delay() {
// gets opened and listen for it in this test before we check if the item
// is disabled.
await SpecialPowers.pushPrefEnv({
set: [["security.notification_enable_delay", 1000]],
set: [
["security.notification_enable_delay", 1000],
["extensions.formautofill.reauth.enabled", false],
],
});
FormAutofillUtils.setOSAuthEnabled(
FormAutofillUtils.AUTOFILL_CREDITCARDS_REAUTH_PREF,
false
);
await BrowserTestUtils.withNewTab(
{ gBrowser, url: CC_URL },
async function (browser) {
@@ -87,7 +86,10 @@ add_task(async function test_active_delay() {
add_task(async function test_no_delay() {
await SpecialPowers.pushPrefEnv({
set: [["security.notification_enable_delay", 1000]],
set: [
["security.notification_enable_delay", 1000],
["extensions.formautofill.reauth.enabled", false],
],
});
await BrowserTestUtils.withNewTab(
{ gBrowser, url: ADDRESS_URL },
@@ -122,8 +124,4 @@ add_task(async function test_no_delay() {
await closePopup(browser);
}
);
FormAutofillUtils.setOSAuthEnabled(
FormAutofillUtils.AUTOFILL_CREDITCARDS_REAUTH_PREF,
true
);
});

9
browser/extensions/formautofill/test/browser/creditCard/browser_creditCard_doorhanger_action.js
View File

@@ -132,14 +132,12 @@ add_task(async function test_update_doorhanger_click_save() {
await setStorage(TEST_CREDIT_CARD_1);
let creditCards = await getCreditCards();
is(creditCards.length, 1, "1 credit card in storage");
let osKeyStoreLoginShown = null;
let onChanged = waitForStorageChangedEvents("add");
await BrowserTestUtils.withNewTab(
{ gBrowser, url: CREDITCARD_FORM_URL },
async function (browser) {
if (OSKeyStore.canReauth()) {
osKeyStoreLoginShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
let osKeyStoreLoginShown =
OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
let onPopupShown = waitForPopupShown();
await openPopupOn(browser, "form #cc-name");
await BrowserTestUtils.synthesizeKey("VK_DOWN", {}, browser);
@@ -155,10 +153,7 @@ add_task(async function test_update_doorhanger_click_save() {
await onPopupShown;
await clickDoorhangerButton(SECONDARY_BUTTON);
if (osKeyStoreLoginShown) {
await osKeyStoreLoginShown;
ok(osKeyStoreLoginShown, "OS re-auth promise Complete");
}
}
);
await onChanged;

22
browser/extensions/formautofill/test/browser/creditCard/browser_creditCard_doorhanger_display.js
View File

@@ -107,20 +107,16 @@ add_task(async function test_doorhanger_not_shown_when_autofill_untouched() {
let creditCards = await getCreditCards();
is(creditCards.length, 1, "1 credit card in storage");
let osKeyStoreLoginShown = null;
let onUsed = waitForStorageChangedEvents("notifyUsed");
await BrowserTestUtils.withNewTab(
{ gBrowser, url: CREDITCARD_FORM_URL },
async function (browser) {
if (OSKeyStore.canReauth()) {
osKeyStoreLoginShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
let osKeyStoreLoginShown =
OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
await openPopupOn(browser, "form #cc-name");
await BrowserTestUtils.synthesizeKey("VK_DOWN", {}, browser);
await BrowserTestUtils.synthesizeKey("VK_RETURN", {}, browser);
if (osKeyStoreLoginShown) {
await osKeyStoreLoginShown;
}
await waitForAutofill(browser, "#cc-name", "John Doe");
await SpecialPowers.spawn(browser, [], async function () {
@@ -190,15 +186,12 @@ add_task(
await setStorage(TEST_CREDIT_CARD_1, TEST_CREDIT_CARD_2);
let creditCards = await getCreditCards();
is(creditCards.length, 2, "2 credit card in storage");
let osKeyStoreLoginShown = null;
let onUsed = waitForStorageChangedEvents("notifyUsed");
await BrowserTestUtils.withNewTab(
{ gBrowser, url: CREDITCARD_FORM_URL },
async function (browser) {
if (OSKeyStore.canReauth()) {
osKeyStoreLoginShown =
let osKeyStoreLoginShown =
OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
await openPopupOn(browser, "form #cc-number");
await BrowserTestUtils.synthesizeKey("VK_DOWN", {}, browser);
await BrowserTestUtils.synthesizeKey("VK_RETURN", {}, browser);
@@ -221,10 +214,8 @@ add_task(
await sleep(1000);
is(PopupNotifications.panel.state, "closed", "Doorhanger is hidden");
if (osKeyStoreLoginShown) {
await osKeyStoreLoginShown;
}
}
);
await onUsed;
@@ -251,15 +242,12 @@ add_task(
let creditCards = await getCreditCards();
is(creditCards.length, 2, "2 credit card in storage");
let osKeyStoreLoginShown = null;
let onUsed = waitForStorageChangedEvents("notifyUsed");
await BrowserTestUtils.withNewTab(
{ gBrowser, url: CREDITCARD_FORM_URL },
async function (browser) {
if (OSKeyStore.canReauth()) {
osKeyStoreLoginShown =
let osKeyStoreLoginShown =
OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
await openPopupOn(browser, "form #cc-number");
await BrowserTestUtils.synthesizeKey("VK_DOWN", {}, browser);
await BrowserTestUtils.synthesizeKey("VK_RETURN", {}, browser);
@@ -279,10 +267,8 @@ add_task(
await sleep(1000);
is(PopupNotifications.panel.state, "closed", "Doorhanger is hidden");
if (osKeyStoreLoginShown) {
await osKeyStoreLoginShown;
}
}
);
await onUsed;

18
browser/extensions/formautofill/test/browser/creditCard/browser_creditCard_doorhanger_fields.js
View File

@@ -13,23 +13,18 @@ add_task(async function test_update_autofill_name_field() {
let creditCards = await getCreditCards();
is(creditCards.length, 1, "1 credit card in storage");
let osKeyStoreLoginShown = null;
let onChanged = waitForStorageChangedEvents("update", "notifyUsed");
await BrowserTestUtils.withNewTab(
{ gBrowser, url: CREDITCARD_FORM_URL },
async function (browser) {
if (OSKeyStore.canReauth()) {
osKeyStoreLoginShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
let osKeyStoreLoginShown =
OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
let onPopupShown = waitForPopupShown();
await openPopupOn(browser, "form #cc-name");
await BrowserTestUtils.synthesizeKey("VK_DOWN", {}, browser);
await BrowserTestUtils.synthesizeKey("VK_RETURN", {}, browser);
if (osKeyStoreLoginShown) {
await osKeyStoreLoginShown;
ok(osKeyStoreLoginShown, "OS Auth Dialog shown and authenticated");
}
await waitForAutofill(browser, "#cc-name", "John Doe");
await focusUpdateSubmitForm(browser, {
@@ -68,22 +63,17 @@ add_task(async function test_update_autofill_exp_date_field() {
await setStorage(TEST_CREDIT_CARD_1);
let creditCards = await getCreditCards();
is(creditCards.length, 1, "1 credit card in storage");
let osKeyStoreLoginShown = null;
let onChanged = waitForStorageChangedEvents("update", "notifyUsed");
await BrowserTestUtils.withNewTab(
{ gBrowser, url: CREDITCARD_FORM_URL },
async function (browser) {
if (OSKeyStore.canReauth()) {
osKeyStoreLoginShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
let osKeyStoreLoginShown =
OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
let onPopupShown = waitForPopupShown();
await openPopupOn(browser, "form #cc-name");
await BrowserTestUtils.synthesizeKey("VK_DOWN", {}, browser);
await BrowserTestUtils.synthesizeKey("VK_RETURN", {}, browser);
if (osKeyStoreLoginShown) {
await osKeyStoreLoginShown;
ok(osKeyStoreLoginShown, "OS Auth Dialog shown and authenticated");
}
await waitForAutofill(browser, "#cc-name", "John Doe");
await focusUpdateSubmitForm(browser, {

6
browser/extensions/formautofill/test/browser/creditCard/browser_creditCard_doorhanger_iframe.js
View File

@@ -30,10 +30,8 @@ add_task(async function test_iframe_submit_untouched_creditCard_form() {
await BrowserTestUtils.withNewTab(
{ gBrowser, url: CREDITCARD_FORM_IFRAME_URL },
async function (browser) {
let osKeyStoreLoginShown = Promise.resolve();
if (OSKeyStore.canReauth()) {
osKeyStoreLoginShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
let osKeyStoreLoginShown =
OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
let iframeBC = browser.browsingContext.children[0];
await openPopupOnSubframe(browser, iframeBC, "form #cc-name");

193
browser/extensions/formautofill/test/browser/creditCard/browser_creditCard_osAuth.js
View File

@@ -1,193 +0,0 @@
"use strict";
const PAGE_PREFS = "about:preferences";
const PAGE_PRIVACY = PAGE_PREFS + "#privacy";
const SELECTORS = {
savedCreditCardsBtn: "#creditCardAutofill button",
reauthCheckbox: "#creditCardReauthenticate checkbox",
};
// On mac, this test times out in chaos mode
requestLongerTimeout(2);
add_setup(async function () {
// Load in a few credit cards
await SpecialPowers.pushPrefEnv({
set: [["privacy.reduceTimerPrecision", false]],
});
await setStorage(TEST_CREDIT_CARD_1, TEST_CREDIT_CARD_2);
});
add_task(async function test_os_auth_enabled_with_checkbox() {
let finalPrefPaneLoaded = TestUtils.topicObserved("sync-pane-loaded");
await BrowserTestUtils.withNewTab(
{ gBrowser, url: PAGE_PRIVACY },
async function (browser) {
await finalPrefPaneLoaded;
await SpecialPowers.spawn(browser, [SELECTORS], async selectors => {
is(
content.document.querySelector(selectors.reauthCheckbox).checked,
true,
"OSReauth for credit cards should be checked"
);
});
is(
FormAutofillUtils.getOSAuthEnabled(
FormAutofillUtils.AUTOFILL_CREDITCARDS_REAUTH_PREF
),
true,
"OSAuth should be enabled."
);
}
);
});
add_task(async function test_os_auth_disabled_with_checkbox() {
let finalPrefPaneLoaded = TestUtils.topicObserved("sync-pane-loaded");
FormAutofillUtils.setOSAuthEnabled(
FormAutofillUtils.AUTOFILL_CREDITCARDS_REAUTH_PREF,
false
);
await BrowserTestUtils.withNewTab(
{ gBrowser, url: PAGE_PRIVACY },
async function (browser) {
await finalPrefPaneLoaded;
await SpecialPowers.spawn(browser, [SELECTORS], async selectors => {
is(
content.document.querySelector(selectors.reauthCheckbox).checked,
false,
"OSReauth for credit cards should be unchecked"
);
});
is(
FormAutofillUtils.getOSAuthEnabled(
FormAutofillUtils.AUTOFILL_CREDITCARDS_REAUTH_PREF
),
false,
"OSAuth should be disabled"
);
}
);
FormAutofillUtils.setOSAuthEnabled(
FormAutofillUtils.AUTOFILL_CREDITCARDS_REAUTH_PREF,
true
);
});
add_task(async function test_OSAuth_enabled_with_random_value_in_pref() {
let finalPrefPaneLoaded = TestUtils.topicObserved("sync-pane-loaded");
await SpecialPowers.pushPrefEnv({
set: [
[FormAutofillUtils.AUTOFILL_CREDITCARDS_REAUTH_PREF, "poutine-gravy"],
],
});
await BrowserTestUtils.withNewTab(
{ gBrowser, url: PAGE_PRIVACY },
async function (browser) {
await finalPrefPaneLoaded;
await SpecialPowers.spawn(browser, [SELECTORS], async selectors => {
let reauthCheckbox = content.document.querySelector(
selectors.reauthCheckbox
);
is(
reauthCheckbox.checked,
true,
"OSReauth for credit cards should be checked"
);
});
is(
FormAutofillUtils.getOSAuthEnabled(
FormAutofillUtils.AUTOFILL_CREDITCARDS_REAUTH_PREF
),
true,
"OSAuth should be enabled since the pref does not decrypt to 'opt out'."
);
}
);
});
add_task(async function test_osAuth_enabled_behaviour() {
let finalPrefPaneLoaded = TestUtils.topicObserved("sync-pane-loaded");
await SpecialPowers.pushPrefEnv({
set: [[FormAutofillUtils.AUTOFILL_CREDITCARDS_REAUTH_PREF, ""]],
});
await BrowserTestUtils.withNewTab(
{ gBrowser, url: PAGE_PRIVACY },
async function (browser) {
await finalPrefPaneLoaded;
if (!OSKeyStoreTestUtils.canTestOSKeyStoreLogin()) {
// The rest of the test uses Edit mode which causes an OS prompt in official builds.
return;
}
let reauthObserved = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
await SpecialPowers.spawn(browser, [SELECTORS], async selectors => {
content.document.querySelector(selectors.savedCreditCardsBtn).click();
});
let ccManageDialog = await waitForSubDialogLoad(
content,
MANAGE_CREDIT_CARDS_DIALOG_URL
);
await SpecialPowers.spawn(ccManageDialog, [], async () => {
let selRecords = content.document.getElementById("credit-cards");
await EventUtils.synthesizeMouseAtCenter(
selRecords.children[0],
[],
content
);
content.document.querySelector("#edit").click();
});
await reauthObserved; // If the OS does not popup, this will cause a timeout in the test.
await waitForSubDialogLoad(content, EDIT_CREDIT_CARD_DIALOG_URL);
}
);
});
add_task(async function test_osAuth_disabled_behavior() {
let finalPrefPaneLoaded = TestUtils.topicObserved("sync-pane-loaded");
FormAutofillUtils.setOSAuthEnabled(
FormAutofillUtils.AUTOFILL_CREDITCARDS_REAUTH_PREF,
false
);
await BrowserTestUtils.withNewTab(
{ gBrowser, url: PAGE_PRIVACY },
async function (browser) {
await finalPrefPaneLoaded;
await SpecialPowers.spawn(
browser,
[SELECTORS.savedCreditCardsBtn, SELECTORS.reauthCheckbox],
async (saveButton, reauthCheckbox) => {
is(
content.document.querySelector(reauthCheckbox).checked,
false,
"OSReauth for credit cards should NOT be checked"
);
content.document.querySelector(saveButton).click();
}
);
let ccManageDialog = await waitForSubDialogLoad(
content,
MANAGE_CREDIT_CARDS_DIALOG_URL
);
await SpecialPowers.spawn(ccManageDialog, [], async () => {
let selRecords = content.document.getElementById("credit-cards");
await EventUtils.synthesizeMouseAtCenter(
selRecords.children[0],
[],
content
);
content.document.getElementById("edit").click();
});
info("The OS Auth dialog should NOT show up");
// If OSAuth prompt shows up, the next line would cause a timeout since the edit dialog would not show up.
await waitForSubDialogLoad(content, EDIT_CREDIT_CARD_DIALOG_URL);
}
);
FormAutofillUtils.setOSAuthEnabled(
FormAutofillUtils.AUTOFILL_CREDITCARDS_REAUTH_PREF,
true
);
});

15
browser/extensions/formautofill/test/browser/creditCard/browser_creditCard_telemetry.js
View File

@@ -154,15 +154,12 @@ async function openTabAndUseCreditCard(
creditCard,
{ closeTab = true, submitForm = true } = {}
) {
let osKeyStoreLoginShown = null;
let osKeyStoreLoginShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
let tab = await BrowserTestUtils.openNewForegroundTab(
gBrowser,
CREDITCARD_FORM_URL
);
if (OSKeyStore.canReauth()) {
osKeyStoreLoginShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
let browser = tab.linkedBrowser;
await openPopupOn(browser, "form #cc-name");
@@ -170,9 +167,7 @@ async function openTabAndUseCreditCard(
await BrowserTestUtils.synthesizeKey("VK_DOWN", {}, browser);
}
await BrowserTestUtils.synthesizeKey("VK_RETURN", {}, browser);
if (osKeyStoreLoginShown) {
await osKeyStoreLoginShown;
}
await waitForAutofill(browser, "#cc-number", creditCard["cc-number"]);
await focusUpdateSubmitForm(
browser,
@@ -697,14 +692,10 @@ add_task(async function test_submit_creditCard_update() {
let creditCards = await getCreditCards();
Assert.equal(creditCards.length, 1, "1 credit card in storage");
let osKeyStoreLoginShown = null;
let osKeyStoreLoginShown = OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
await BrowserTestUtils.withNewTab(
{ gBrowser, url: CREDITCARD_FORM_URL },
async function (browser) {
if (OSKeyStore.canReauth()) {
osKeyStoreLoginShown =
OSKeyStoreTestUtils.waitForOSKeyStoreLogin(true);
}
let onPopupShown = waitForPopupShown();
let onChanged;
if (expectChanged !== undefined) {
@@ -714,9 +705,7 @@ add_task(async function test_submit_creditCard_update() {
await openPopupOn(browser, "form #cc-name");
await BrowserTestUtils.synthesizeKey("VK_DOWN", {}, browser);
await BrowserTestUtils.synthesizeKey("VK_RETURN", {}, browser);
if (osKeyStoreLoginShown) {
await osKeyStoreLoginShown;
}
await waitForAutofill(browser, "#cc-name", "John Doe");
await focusUpdateSubmitForm(browser, {

4
browser/extensions/formautofill/test/browser/head.js
View File

@@ -24,10 +24,6 @@ const { FormAutofillNameUtils } = ChromeUtils.importESModule(
"resource://gre/modules/shared/FormAutofillNameUtils.sys.mjs"
);
const { FormAutofillUtils } = ChromeUtils.importESModule(
"resource://gre/modules/shared/FormAutofillUtils.sys.mjs"
);
const MANAGE_ADDRESSES_DIALOG_URL =
"chrome://formautofill/content/manageAddresses.xhtml";
const MANAGE_CREDIT_CARDS_DIALOG_URL =

1
browser/extensions/formautofill/test/mochitest/creditCard/mochitest.toml
View File

@@ -2,6 +2,7 @@
prefs = [
"extensions.formautofill.creditCards.supported=on",
"extensions.formautofill.creditCards.enabled=true",
"extensions.formautofill.reauth.enabled=true",
]
support-files = [
"!/toolkit/components/satchel/test/satchel_common.js",

7
browser/extensions/formautofill/test/mochitest/creditCard/test_basic_creditcard_autocomplete_form.html
View File

@@ -197,15 +197,10 @@ add_task(async function check_fields_after_form_autofill() {
})));
synthesizeKey("KEY_ArrowDown");
let osKeyStoreLoginShown = Promise.resolve();
if(OSKeyStore.canReauth()) {
osKeyStoreLoginShown = waitForOSKeyStoreLogin(true);
}
let osKeyStoreLoginShown = waitForOSKeyStoreLogin(true);
await new Promise(resolve => SimpleTest.executeSoon(resolve));
await triggerAutofillAndCheckProfile(MOCK_STORAGE[1].cc);
await osKeyStoreLoginShown;
// Enforcing this since it is unable to change back in chaos mode.
SpecialPowers.clearUserPref("toolkit.osKeyStore.unofficialBuildOnlyLogin");
});
// Fallback to history search after autofill values (for non-empty fields).

7
browser/extensions/formautofill/test/mochitest/creditCard/test_clear_form.html
View File

@@ -159,10 +159,7 @@ add_task(async function clear_distinct_section() {
document.getElementById("form1").reset();
await triggerPopupAndHoverItem("#cc-name", 0);
let osKeyStoreLoginShown = Promise.resolve();
if(OSKeyStore.canReauth()) {
osKeyStoreLoginShown = waitForOSKeyStoreLogin(true);
}
let osKeyStoreLoginShown = waitForOSKeyStoreLogin(true);
await triggerAutofillAndCheckProfile(MOCK_CC_STORAGE_EXPECTED_FILL[0]);
await osKeyStoreLoginShown;
@@ -183,8 +180,6 @@ add_task(async function clear_distinct_section() {
await triggerPopupAndHoverItem("#cc-name", 0);
await confirmClear("#cc-name");
await checkIsFormCleared();
// Enforcing this since it is unable to change back in chaos mode.
SpecialPowers.clearUserPref("toolkit.osKeyStore.unofficialBuildOnlyLogin");
});
</script>

7
browser/extensions/formautofill/test/mochitest/creditCard/test_clear_form_expiry_select_elements.html
View File

@@ -127,10 +127,7 @@ add_task(async function clear_distinct_section() {
todo(false, "Cannot test OS key store login on official builds.");
return;
}
let osKeyStoreLoginShown = Promise.resolve();
if(OSKeyStore.canReauth()) {
osKeyStoreLoginShown = waitForOSKeyStoreLogin(true);
}
let osKeyStoreLoginShown = waitForOSKeyStoreLogin(true);
await triggerPopupAndHoverItem("#cc-name", 0);
await triggerAutofillAndCheckProfile(MOCK_CC_STORAGE[0]);
await osKeyStoreLoginShown;
@@ -150,8 +147,6 @@ add_task(async function clear_distinct_section() {
"cc-exp-month": "MM",
"cc-exp-year": "YY"
});
// Enforcing this since it is unable to change back in chaos mode.
SpecialPowers.clearUserPref("toolkit.osKeyStore.unofficialBuildOnlyLogin");
});
</script>

8
browser/extensions/formautofill/test/mochitest/creditCard/test_preview_highlight_with_multiple_cc_number_fields.html
View File

@@ -143,11 +143,7 @@ add_task(async function check_filled_highlight() {
return;
}
await triggerPopupAndHoverItem("#cc-name", 0);
let osKeyStoreLoginShown = Promise.resolve();
if (OSKeyStore.canReauth()) {
osKeyStoreLoginShown = waitForOSKeyStoreLogin(true);
}
let osKeyStoreLoginShown = waitForOSKeyStoreLogin(true);
// filled 1st credit card option
synthesizeKey("KEY_Enter");
await osKeyStoreLoginShown;
@@ -155,8 +151,6 @@ if (OSKeyStore.canReauth()) {
let profile = MOCK_STORAGE_EXPECTED_FILL[0];
await setupListeners(elements, profile);
await checkMultipleCCNumberFormStyle(profile, false);
// Enforcing this since it is unable to change back in chaos mode.
SpecialPowers.clearUserPref("toolkit.osKeyStore.unofficialBuildOnlyLogin");
});
</script>
<p id="display"></p>

8
browser/extensions/formautofill/test/mochitest/creditCard/test_preview_highlight_with_site_prefill.html
View File

@@ -87,17 +87,11 @@ add_task(async function check_filled_highlight() {
return;
}
await triggerPopupAndHoverItem("#cc-number", 0);
let osKeyStoreLoginShown = Promise.resolve();
if(OSKeyStore.canReauth()) {
osKeyStoreLoginShown = waitForOSKeyStoreLogin(true);
}
let osKeyStoreLoginShown = waitForOSKeyStoreLogin(true);
// filled 1st credit card option
await triggerAutofillAndCheckProfile(MOCK_STORAGE_EXPECTED_FILL[0]);
await osKeyStoreLoginShown;
await checkFormFieldsStyle(MOCK_STORAGE_EXPECTED_FILL[0], false);
// Enforcing this since it is unable to change back in chaos mode.
SpecialPowers.clearUserPref("toolkit.osKeyStore.unofficialBuildOnlyLogin");
});
</script>
<p id="display"></p>

4
browser/extensions/formautofill/test/mochitest/formautofill_common.js
View File

@@ -14,10 +14,6 @@ const { FormAutofillUtils } = SpecialPowers.ChromeUtils.importESModule(
"resource://gre/modules/shared/FormAutofillUtils.sys.mjs"
);
const { OSKeyStore } = SpecialPowers.ChromeUtils.importESModule(
"resource://gre/modules/OSKeyStore.sys.mjs"
);
async function sleep(ms = 500, reason = "Intentionally wait for UI ready") {
SimpleTest.requestFlakyTimeout(reason);
await new Promise(resolve => setTimeout(resolve, ms));

12
browser/locales/en-US/browser/aboutLogins.ftl
View File

@@ -134,20 +134,12 @@ login-item-timeline-action-used = Used
## OS Authentication dialog
about-logins-os-auth-dialog-caption = { -brand-full-name }
## The macOS strings are preceded by the operating system with "Firefox is trying to "
## and includes subtitle of "Enter password for the user "xxx" to allow this." These
## notes are only valid for English. Please test in your respected locale.
# The macOS strings are preceded by the operating system with "Firefox is trying to ".
# This message can be seen when attempting to disable osauth in about:preferences.
about-logins-os-auth-dialog-message=
{ PLATFORM() ->
[macos] change the settings for passwords
*[other] { -brand-short-name } is trying to change the settings for passwords. Use your device sign in to allow this.
}
about-logins-os-auth-dialog-caption = { -brand-full-name }
# This message can be seen when attempting to edit a login in about:logins on Windows.
about-logins-edit-login-os-auth-dialog-message2-win = To edit your password, enter your Windows login credentials. This helps protect the security of your accounts.
# This message can be seen when attempting to edit a login in about:logins

19
browser/locales/en-US/browser/preferences/preferences.ftl
View File

@@ -1036,9 +1036,6 @@ forms-saved-passwords =
forms-primary-pw-use =
.label = Use a Primary Password
.accesskey = U
# This operation requires the user to authenticate with the operating system (device sign-in)
forms-os-reauth =
.label = Require device sign in to fill and manage passwords
forms-primary-pw-learn-more-link = Learn more
# This string uses the former name of the Primary Password feature
# ("Master Password" in English) so that the preferences can be found
@@ -1075,13 +1072,6 @@ primary-password-os-auth-dialog-message-win = To create a Primary Password, ente
primary-password-os-auth-dialog-message-macosx = create a Primary Password
master-password-os-auth-dialog-caption = { -brand-full-name }
# The macOS string is preceded by the operating system with "Firefox is trying to ".
autofill-creditcard-os-dialog-message = { PLATFORM () ->
[macos] change the settings for payment methods
*[other] { -brand-short-name } is trying to change the settings for payment methods. Use your device sign in to allow this.
}
autofill-creditcard-os-auth-dialog-caption = { -brand-full-name }
## Privacy section - Autofill
pane-privacy-autofill-header = Autofill
@@ -1095,9 +1085,12 @@ autofill-payment-methods-checkbox-submessage = Includes credit and debit cards
.accesskey = I
autofill-saved-payment-methods-button = Saved payment methods
.accesskey = v
# This operation requires the user to authenticate with the operating system (device sign-in)
autofill-reauth-payment-methods-checkbox = Require device sign in to fill and manage payment methods
autofill-reauth-checkbox = { PLATFORM() ->
[macos] Require macOS authentication to fill and edit payment methods.
[windows] Require Windows authentication to fill and edit payment methods.
[linux] Require Linux authentication to fill and edit payment methods.
*[other] Require authentication to fill and edit payment methods.
}
.accesskey = o
## Privacy Section - History

6
toolkit/components/formautofill/FormAutofill.sys.mjs
View File

@@ -24,8 +24,8 @@ const ENABLED_AUTOFILL_ADDRESSES_SUPPORTED_COUNTRIES_PREF =
"extensions.formautofill.addresses.supportedCountries";
const ENABLED_AUTOFILL_CREDITCARDS_PREF =
"extensions.formautofill.creditCards.enabled";
const AUTOFILL_CREDITCARDS_REAUTH_PREF =
"extensions.formautofill.creditCards.reauth.optout";
const ENABLED_AUTOFILL_CREDITCARDS_REAUTH_PREF =
"extensions.formautofill.reauth.enabled";
const AUTOFILL_CREDITCARDS_HIDE_UI_PREF =
"extensions.formautofill.creditCards.hideui";
const FORM_AUTOFILL_SUPPORT_RTL_PREF = "extensions.formautofill.supportRTL";
@@ -44,7 +44,7 @@ export const FormAutofill = {
ENABLED_AUTOFILL_CAPTURE_ON_FORM_REMOVAL_PREF,
ENABLED_AUTOFILL_CAPTURE_ON_PAGE_NAVIGATION_PREF,
ENABLED_AUTOFILL_CREDITCARDS_PREF,
AUTOFILL_CREDITCARDS_REAUTH_PREF,
ENABLED_AUTOFILL_CREDITCARDS_REAUTH_PREF,
AUTOFILL_CREDITCARDS_AUTOCOMPLETE_OFF_PREF,
AUTOFILL_ADDRESSES_AUTOCOMPLETE_OFF_PREF,

15
toolkit/components/formautofill/FormAutofillParent.sys.mjs
View File

@@ -48,11 +48,8 @@ ChromeUtils.defineLazyGetter(lazy, "log", () =>
FormAutofill.defineLogGetter(lazy, "FormAutofillParent")
);
const {
ENABLED_AUTOFILL_ADDRESSES_PREF,
ENABLED_AUTOFILL_CREDITCARDS_PREF,
AUTOFILL_CREDITCARDS_REAUTH_PREF,
} = FormAutofill;
const { ENABLED_AUTOFILL_ADDRESSES_PREF, ENABLED_AUTOFILL_CREDITCARDS_PREF } =
FormAutofill;
const { ADDRESSES_COLLECTION_NAME, CREDITCARDS_COLLECTION_NAME } =
FormAutofillUtils;
@@ -285,9 +282,7 @@ export class FormAutofillParent extends JSWindowActorParent {
}
case "FormAutofill:GetDecryptedString": {
let { cipherText, reauth } = data;
if (
!FormAutofillUtils.getOSAuthEnabled(AUTOFILL_CREDITCARDS_REAUTH_PREF)
) {
if (!FormAutofillUtils._reauthEnabledByUser) {
lazy.log.debug("Reauth is disabled");
reauth = false;
}
@@ -323,9 +318,7 @@ export class FormAutofillParent extends JSWindowActorParent {
break;
}
case "FormAutofill:SaveCreditCard": {
// Setting the first parameter of OSKeyStore.ensurLoggedIn as false
// since this case only called in tests. Also the reason why we're not calling FormAutofill.verifyUserOSAuth.
if (!(await lazy.OSKeyStore.ensureLoggedIn(false)).authenticated) {
if (!(await FormAutofillUtils.ensureLoggedIn()).authenticated) {
lazy.log.warn("User canceled encryption login");
return undefined;
}

59
toolkit/components/formautofill/FormAutofillPreferences.sys.mjs
View File

@@ -16,6 +16,7 @@ const MANAGE_CREDITCARDS_URL =
import { FormAutofill } from "resource://autofill/FormAutofill.sys.mjs";
import { FormAutofillUtils } from "resource://gre/modules/shared/FormAutofillUtils.sys.mjs";
import { AppConstants } from "resource://gre/modules/AppConstants.sys.mjs";
const lazy = {};
ChromeUtils.defineESModuleGetters(lazy, {
@@ -24,17 +25,13 @@ ChromeUtils.defineESModuleGetters(lazy, {
ChromeUtils.defineLazyGetter(
lazy,
"l10n",
() =>
new Localization(
["branding/brand.ftl", "browser/preferences/preferences.ftl"],
true
)
() => new Localization(["browser/preferences/preferences.ftl"], true)
);
const {
ENABLED_AUTOFILL_ADDRESSES_PREF,
ENABLED_AUTOFILL_CREDITCARDS_PREF,
AUTOFILL_CREDITCARDS_REAUTH_PREF,
ENABLED_AUTOFILL_CREDITCARDS_REAUTH_PREF,
} = FormAutofill;
const {
MANAGE_ADDRESSES_L10N_IDS,
@@ -270,13 +267,7 @@ FormAutofillPreferences.prototype = {
reauthCheckbox.setAttribute(
"label",
lazy.l10n.formatValueSync("autofill-reauth-payment-methods-checkbox")
);
// If target.checked is checked, enable OSAuth. Otherwise, reset the pref value.
reauthCheckbox.setAttribute(
"checked",
FormAutofillUtils.getOSAuthEnabled(AUTOFILL_CREDITCARDS_REAUTH_PREF)
lazy.l10n.formatValueSync("autofill-reauth-checkbox")
);
reauthLearnMore.setAttribute(
@@ -284,6 +275,11 @@ FormAutofillPreferences.prototype = {
"credit-card-autofill#w_require-authentication-for-autofill"
);
// Manually set the checked state
if (FormAutofillUtils._reauthEnabledByUser) {
reauthCheckbox.setAttribute("checked", true);
}
reauthCheckboxGroup.setAttribute("align", "center");
reauthCheckboxGroup.setAttribute("flex", "1");
@@ -325,31 +321,36 @@ FormAutofillPreferences.prototype = {
break;
}
let messageText = await lazy.l10n.formatValueSync(
"autofill-creditcard-os-dialog-message"
);
let captionText = await lazy.l10n.formatValueSync(
"autofill-creditcard-os-auth-dialog-caption"
let messageTextId = "autofillReauthOSDialog";
// We reuse the if/else order from wizard markup to increase
// odds of consistent behavior.
if (AppConstants.platform == "macosx") {
messageTextId += "Mac";
} else if (AppConstants.platform == "linux") {
messageTextId += "Lin";
} else {
messageTextId += "Win";
}
let messageText = this.bundle.GetStringFromName(messageTextId);
const brandBundle = Services.strings.createBundle(
"chrome://branding/locale/brand.properties"
);
let win = target.ownerGlobal.docShell.chromeEventHandler.ownerGlobal;
// Calling OSKeyStore.ensureLoggedIn() instead of FormAutofillUtils.verifyOSAuth()
// since we want to authenticate user each time this stting is changed.
let isAuthorized = (
await lazy.OSKeyStore.ensureLoggedIn(
let loggedIn = await lazy.OSKeyStore.ensureLoggedIn(
messageText,
captionText,
brandBundle.GetStringFromName("brandFullName"),
win,
false
)
).authenticated;
if (!isAuthorized) {
);
if (!loggedIn.authenticated) {
target.checked = !target.checked;
break;
}
// If target.checked is checked, enable OSAuth. Otherwise, reset the pref value.
FormAutofillUtils.setOSAuthEnabled(
AUTOFILL_CREDITCARDS_REAUTH_PREF,
Services.prefs.setBoolPref(
ENABLED_AUTOFILL_CREDITCARDS_REAUTH_PREF,
target.checked
);
} else if (target == this.refs.savedAddressesBtn) {

5
toolkit/components/formautofill/Helpers.ios.mjs
View File

@@ -111,11 +111,6 @@ export const XPCOMUtils = withNotImplementedError({
defineLazyModuleGetters(obj, modules) {
internalModuleResolvers.resolveModules(obj, modules);
},
defineLazyServiceGetter() {
// Don't do anything
// We need this for OS Auth fixes for formautofill.
// TODO(issam, Bug 1894967): Move os auth to separate module and remove this.
},
});
// eslint-disable-next-line no-shadow

3
toolkit/components/formautofill/default/FormAutofillPrompter.sys.mjs
View File

@@ -19,7 +19,6 @@ const lazy = {};
ChromeUtils.defineESModuleGetters(lazy, {
CreditCard: "resource://gre/modules/CreditCard.sys.mjs",
formAutofillStorage: "resource://autofill/FormAutofillStorage.sys.mjs",
OSKeyStore: "resource://gre/modules/OSKeyStore.sys.mjs",
});
ChromeUtils.defineLazyGetter(lazy, "log", () =>
@@ -1322,7 +1321,7 @@ export let FormAutofillPrompter = {
return;
}
if (!(await lazy.OSKeyStore.ensureLoggedIn(false)).authenticated) {
if (!(await FormAutofillUtils.ensureLoggedIn()).authenticated) {
lazy.log.warn("User canceled encryption login");
return;
}

94
toolkit/components/formautofill/shared/FormAutofillUtils.sys.mjs
View File

@@ -26,19 +26,10 @@ ChromeUtils.defineLazyGetter(
)
);
XPCOMUtils.defineLazyServiceGetter(
lazy,
"Crypto",
"@mozilla.org/login-manager/crypto/SDR;1",
"nsILoginManagerCrypto"
);
export let FormAutofillUtils;
const ADDRESSES_COLLECTION_NAME = "addresses";
const CREDITCARDS_COLLECTION_NAME = "creditCards";
const AUTOFILL_CREDITCARDS_REAUTH_PREF =
FormAutofill.AUTOFILL_CREDITCARDS_REAUTH_PREF;
const MANAGE_ADDRESSES_L10N_IDS = [
"autofill-add-address-title",
"autofill-manage-addresses-title",
@@ -116,7 +107,6 @@ FormAutofillUtils = {
ADDRESSES_COLLECTION_NAME,
CREDITCARDS_COLLECTION_NAME,
AUTOFILL_CREDITCARDS_REAUTH_PREF,
MANAGE_ADDRESSES_L10N_IDS,
EDIT_ADDRESS_L10N_IDS,
MANAGE_CREDITCARDS_L10N_IDS,
@@ -178,90 +168,12 @@ FormAutofillUtils = {
return ccNumber && lazy.CreditCard.isValidNumber(ccNumber);
},
/**
* Get the decrypted value for a string pref.
*
* @param {string} prefName -> The pref whose value is needed.
* @param {string} safeDefaultValue -> Value to be returned incase the pref is not yet set.
* @returns {string}
*/
getSecurePref(prefName, safeDefaultValue) {
try {
const encryptedValue = Services.prefs.getStringPref(prefName, "");
return encryptedValue === ""
? safeDefaultValue
: lazy.Crypto.decrypt(encryptedValue);
} catch {
return safeDefaultValue;
}
},
/**
* Set the pref to the encrypted form of the value.
*
* @param {string} prefName -> The pref whose value is to be set.
* @param {string} value -> The value to be set in its encrypted form.
*/
setSecurePref(prefName, value) {
if (value) {
const encryptedValue = lazy.Crypto.encrypt(value);
Services.prefs.setStringPref(prefName, encryptedValue);
} else {
Services.prefs.clearUserPref(prefName);
}
},
/**
* Get whether the OSAuth is enabled or not.
*
* @param {string} prefName -> The name of the pref (creditcards or addresses)
* @returns {boolean}
*/
getOSAuthEnabled(prefName) {
return (
lazy.OSKeyStore.canReauth() &&
this.getSecurePref(prefName, "") !== "opt out"
ensureLoggedIn(promptMessage) {
return lazy.OSKeyStore.ensureLoggedIn(
this._reauthEnabledByUser && promptMessage ? promptMessage : false
);
},
/**
* Set whether the OSAuth is enabled or not.
*
* @param {string} prefName -> The pref to encrypt.
* @param {boolean} enable -> Whether the pref is to be enabled.
*/
setOSAuthEnabled(prefName, enable) {
this.setSecurePref(prefName, enable ? null : "opt out");
},
async verifyUserOSAuth(
prefName,
promptMessage,
captionDialog = "",
parentWindow = null,
generateKeyIfNotAvailable = true
) {
if (!this.getOSAuthEnabled(prefName)) {
promptMessage = false;
}
try {
return (
await lazy.OSKeyStore.ensureLoggedIn(
promptMessage,
captionDialog,
parentWindow,
generateKeyIfNotAvailable
)
).authenticated;
} catch (ex) {
// Since Win throws an exception whereas Mac resolves to false upon cancelling.
if (ex.result !== Cr.NS_ERROR_FAILURE) {
throw ex;
}
}
return false;
},
/**
* Get the array of credit card network ids ("types") we expect and offer as valid choices
*

105
toolkit/components/passwordmgr/LoginHelper.sys.mjs
View File

@@ -18,13 +18,6 @@ ChromeUtils.defineESModuleGetters(lazy, {
OSKeyStore: "resource://gre/modules/OSKeyStore.sys.mjs",
});
XPCOMUtils.defineLazyServiceGetter(
lazy,
"Crypto",
"@mozilla.org/login-manager/crypto/SDR;1",
"nsILoginManagerCrypto"
);
export class ParentAutocompleteOption {
image;
title;
@@ -373,7 +366,7 @@ class ImportRowProcessor {
return this.summary;
}
}
const OS_AUTH_FOR_PASSWORDS_PREF = "signon.management.page.os-auth.optout";
/**
* Contains functions shared by different Login Manager components.
*/
@@ -401,7 +394,6 @@ export const LoginHelper = {
testOnlyUserHasInteractedWithDocument: null,
userInputRequiredToCapture: null,
captureInputChanges: null,
OS_AUTH_FOR_PASSWORDS_PREF,
init() {
// Watch for pref changes to update cached pref values.
@@ -1590,90 +1582,6 @@ export const LoginHelper = {
return token.hasPassword;
},
/**
* Get the decrypted value for a string pref.
*
* @param {string} prefName -> The pref whose value is needed.
* @param {string} safeDefaultValue -> Value to be returned incase the pref is not yet set.
* @returns {string}
*/
getSecurePref(prefName, safeDefaultValue) {
try {
const encryptedValue = Services.prefs.getStringPref(prefName, "");
return encryptedValue === ""
? safeDefaultValue
: lazy.Crypto.decrypt(encryptedValue);
} catch {
return safeDefaultValue;
}
},
/**
* Set the pref to the encrypted form of the value.
*
* @param {string} prefName -> The pref whose value is to be set.
* @param {string} value -> The value to be set in its encrypted form.
*/
setSecurePref(prefName, value) {
if (value) {
const encryptedValue = lazy.Crypto.encrypt(value);
Services.prefs.setStringPref(prefName, encryptedValue);
} else {
Services.prefs.clearUserPref(prefName);
}
},
/**
* Get whether the OSAuth is enabled or not.
*
* @param {string} prefName -> The name of the pref (creditcards or addresses)
* @returns {boolean}
*/
getOSAuthEnabled(prefName) {
return (
lazy.OSKeyStore.canReauth() &&
this.getSecurePref(prefName, "") !== "opt out"
);
},
/**
* Set whether the OSAuth is enabled or not.
*
* @param {string} prefName -> The pref to encrypt.
* @param {boolean} enable -> Whether the pref is to be enabled.
*/
setOSAuthEnabled(prefName, enable) {
this.setSecurePref(prefName, enable ? null : "opt out");
},
async verifyUserOSAuth(
prefName,
promptMessage,
captionDialog = "",
parentWindow = null,
generateKeyIfNotAvailable = true
) {
if (!this.getOSAuthEnabled(prefName)) {
promptMessage = false;
}
try {
return (
await lazy.OSKeyStore.ensureLoggedIn(
promptMessage,
captionDialog,
parentWindow,
generateKeyIfNotAvailable
)
).authenticated;
} catch (ex) {
// Since Win throws an exception whereas Mac resolves to false upon cancelling.
if (ex.result !== Cr.NS_ERROR_FAILURE) {
throw ex;
}
}
return false;
},
/**
* Shows the Primary Password prompt if enabled, or the
* OS auth dialog otherwise.
@@ -1729,21 +1637,18 @@ export const LoginHelper = {
}
// Use the OS auth dialog if there is no primary password
if (!token.hasPassword && OSReauthEnabled) {
let isAuthorized = await this.verifyUserOSAuth(
OS_AUTH_FOR_PASSWORDS_PREF,
let result = await lazy.OSKeyStore.ensureLoggedIn(
messageText,
captionText,
browser.ownerGlobal,
false
);
let value = lazy.OSKeyStore.canReauth()
? "success"
: "success_unsupported_platform";
isAuthorized = result.authenticated;
telemetryEvent = {
object: "os_auth",
method: "reauthenticate",
value: isAuthorized ? value : "fail",
value: result.auth_details,
extra: result.auth_details_extra,
};
return {
isAuthorized,