From 28c78509a1def2e752fc8c2d3a6238b1331860e3 Mon Sep 17 00:00:00 2001 From: Travis Ralston Date: Mon, 23 Nov 2020 14:10:14 -0700 Subject: [PATCH 1/2] Use the WidgetDriver to run OIDC requests Fixes https://github.com/vector-im/element-web/issues/15775 --- src/stores/widgets/StopGapWidget.ts | 56 ----------------------- src/stores/widgets/StopGapWidgetDriver.ts | 43 ++++++++++++++++- 2 files changed, 42 insertions(+), 57 deletions(-) diff --git a/src/stores/widgets/StopGapWidget.ts b/src/stores/widgets/StopGapWidget.ts index e8c0ea141e..3485e153e1 100644 --- a/src/stores/widgets/StopGapWidget.ts +++ b/src/stores/widgets/StopGapWidget.ts @@ -17,8 +17,6 @@ import { Room } from "matrix-js-sdk/src/models/room"; import { ClientWidgetApi, - IGetOpenIDActionRequest, - IGetOpenIDActionResponseData, IStickerActionRequest, IStickyActionRequest, ITemplateParams, @@ -27,10 +25,8 @@ import { IWidgetApiRequestEmptyData, IWidgetData, MatrixCapabilities, - OpenIDRequestState, runTemplate, Widget, - WidgetApiToWidgetAction, WidgetApiFromWidgetAction, IModalWidgetOpenRequest, IWidgetApiErrorResponseData, @@ -50,8 +46,6 @@ import ActiveWidgetStore from "../ActiveWidgetStore"; import { objectShallowClone } from "../../utils/objects"; import defaultDispatcher from "../../dispatcher/dispatcher"; import { ElementWidgetActions, IViewRoomApiRequest } from "./ElementWidgetActions"; -import Modal from "../../Modal"; -import WidgetOpenIDPermissionsDialog from "../../components/views/dialogs/WidgetOpenIDPermissionsDialog"; import {ModalWidgetStore} from "../ModalWidgetStore"; import ThemeWatcher from "../../settings/watchers/ThemeWatcher"; import {getCustomTheme} from "../../theme"; 
@@ -235,55 +229,6 @@ export class StopGapWidget extends EventEmitter { return this.messaging.widget.id; } - private onOpenIdReq = async (ev: CustomEvent) => { - ev.preventDefault(); - - const rawUrl = this.appTileProps.app.url; - const widgetSecurityKey = WidgetUtils.getWidgetSecurityKey(this.widgetId, rawUrl, this.appTileProps.userWidget); - - const settings = SettingsStore.getValue("widgetOpenIDPermissions"); - if (settings.deny && settings.deny.includes(widgetSecurityKey)) { - this.messaging.transport.reply(ev.detail, { - state: OpenIDRequestState.Blocked, - }); - return; - } - if (settings.allow && settings.allow.includes(widgetSecurityKey)) { - const credentials = await MatrixClientPeg.get().getOpenIdToken(); - this.messaging.transport.reply(ev.detail, { - state: OpenIDRequestState.Allowed, - ...credentials, - }); - return; - } - - // Confirm that we received the request - this.messaging.transport.reply(ev.detail, { - state: OpenIDRequestState.PendingUserConfirmation, - }); - - // Actually ask for permission to send the user's data - Modal.createTrackedDialog("OpenID widget permissions", '', WidgetOpenIDPermissionsDialog, { - widgetUrl: rawUrl, - widgetId: this.widgetId, - isUserWidget: this.appTileProps.userWidget, - - onFinished: async (confirm) => { - const responseBody: IGetOpenIDActionResponseData = { - state: confirm ? OpenIDRequestState.Allowed : OpenIDRequestState.Blocked, - original_request_id: ev.detail.requestId, // eslint-disable-line camelcase - }; - if (confirm) { - const credentials = await MatrixClientPeg.get().getOpenIdToken(); - Object.assign(responseBody, credentials); - } - this.messaging.transport.send(WidgetApiToWidgetAction.OpenIDCredentials, responseBody).catch(error => { - console.error("Failed to send OpenID credentials: ", error); - }); - }, - }); - }; - private onOpenModal = async (ev: CustomEvent) => { ev.preventDefault(); if (ModalWidgetStore.instance.canOpenModalWidget()) { 
@@ -305,7 +250,6 @@ export class StopGapWidget extends EventEmitter { this.messaging = new ClientWidgetApi(this.mockWidget, iframe, driver); this.messaging.on("preparing", () => this.emit("preparing")); this.messaging.on("ready", () => this.emit("ready")); - this.messaging.on(`action:${WidgetApiFromWidgetAction.GetOpenIDCredentials}`, this.onOpenIdReq); this.messaging.on(`action:${WidgetApiFromWidgetAction.OpenModalWidget}`, this.onOpenModal); WidgetMessagingStore.instance.storeMessaging(this.mockWidget, this.messaging); diff --git a/src/stores/widgets/StopGapWidgetDriver.ts b/src/stores/widgets/StopGapWidgetDriver.ts index 722c7d8f49..d18761ff0d 100644 --- a/src/stores/widgets/StopGapWidgetDriver.ts +++ b/src/stores/widgets/StopGapWidgetDriver.ts @@ -16,8 +16,12 @@ import { Capability, + IOpenIDCredentials, + IOpenIDUpdate, ISendEventDetails, MatrixCapabilities, + OpenIDRequestState, + SimpleObservable, Widget, WidgetDriver, WidgetKind, @@ -26,6 +30,9 @@ import { iterableDiff, iterableUnion } from "../../utils/iterables"; import { MatrixClientPeg } from "../../MatrixClientPeg"; import ActiveRoomObserver from "../../ActiveRoomObserver"; import Modal from "../../Modal"; +import WidgetUtils from "../../utils/WidgetUtils"; +import SettingsStore from "../../settings/SettingsStore"; +import WidgetOpenIDPermissionsDialog from "../../components/views/dialogs/WidgetOpenIDPermissionsDialog"; import WidgetCapabilitiesPromptDialog, { getRememberedCapabilitiesForWidget, } from "../../components/views/dialogs/WidgetCapabilitiesPromptDialog"; @@ -79,7 +86,7 @@ export class StopGapWidgetDriver extends WidgetDriver { if (!client || !roomId) throw new Error("Not in a room or not attached to a client"); - let r: {event_id: string} = null; // eslint-disable-line camelcase + let r: { event_id: string } = null; // eslint-disable-line camelcase if (stateKey !== null) { // state event r = await client.sendStateEvent(roomId, eventType, content, stateKey); 
@@ -90,4 +97,38 @@ export class StopGapWidgetDriver extends WidgetDriver { return {roomId, eventId: r.event_id}; } + + public async askOpenID(observer: SimpleObservable) { + const isUserWidget = this.forWidgetKind !== WidgetKind.Room; // modal and account widgets are "user" widgets + const rawUrl = this.forWidget.templateUrl; + const widgetSecurityKey = WidgetUtils.getWidgetSecurityKey(this.forWidget.id, rawUrl, isUserWidget); + + const getToken = (): Promise => { + return MatrixClientPeg.get().getOpenIdToken(); + }; + + const settings = SettingsStore.getValue("widgetOpenIDPermissions"); + if (settings?.deny?.includes(widgetSecurityKey)) { + return observer.update({state: OpenIDRequestState.Blocked}); + } + if (settings?.allow?.includes(widgetSecurityKey)) { + return observer.update({state: OpenIDRequestState.Allowed, token: await getToken()}); + } + + observer.update({state: OpenIDRequestState.PendingUserConfirmation}); + + Modal.createTrackedDialog("OpenID widget permissions", '', WidgetOpenIDPermissionsDialog, { + widgetUrl: rawUrl, + widgetId: this.forWidget.id, + isUserWidget: isUserWidget, + + onFinished: async (confirm) => { + if (!confirm) { + return observer.update({state: OpenIDRequestState.Blocked}); + } + + return observer.update({state: OpenIDRequestState.Allowed, token: await getToken()}); + }, + }); + } } From 67a0f1ef4c3a327d6e8959ac600809bff7201155 Mon Sep 17 00:00:00 2001 From: Travis Ralston Date: Tue, 24 Nov 2020 09:43:21 -0700 Subject: [PATCH 2/2] Update widget API --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 61adcd9807..dde76d1d41 100644 --- a/package.json +++ b/package.json @@ -79,7 +79,7 @@ "linkifyjs": "^2.1.9", "lodash": "^4.17.19", "matrix-js-sdk": "github:matrix-org/matrix-js-sdk#develop", - "matrix-widget-api": "^0.1.0-beta.9", + "matrix-widget-api": "^0.1.0-beta.10", "minimist": "^1.2.5", "pako": "^1.0.11", "parse5": "^5.1.1", 
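Review bot: In the new `askOpenID`, a rejected `getOpenIdToken()` is not handled on either path that awaits it. Inside the dialog's `onFinished` callback no catcher is visible in the hunk, so a failure there would leave the observer at `PendingUserConfirmation` and the widget would never get a terminal answer. In the allow-list branch the rejection propagates to the caller of `askOpenID`, which is outside this diff. Routing both paths through one helper that reports `OpenIDRequestState.Blocked` on failure keeps the flow fail-closed, and the log line should carry only the error, never the credentials. Separately, the remembered allow/deny key is now built from `this.forWidget.templateUrl`, where the removed handler used `this.appTileProps.app.url`; it is worth confirming these are always the same string, because a mismatch would stop previously stored decisions from matching.

```typescript
// … unchanged: isUserWidget, widgetSecurityKey, getToken …

// Fail closed: a token fetch error ends the request as Blocked instead of leaving it pending.
const replyWithToken = async () => {
    try {
        return observer.update({state: OpenIDRequestState.Allowed, token: await getToken()});
    } catch (e) {
        console.error("Failed to get OpenID token for widget: ", e);
        return observer.update({state: OpenIDRequestState.Blocked});
    }
};

// … unchanged: settings lookup and deny-list check …
if (settings?.allow?.includes(widgetSecurityKey)) {
    return replyWithToken();
}

// … unchanged: PendingUserConfirmation update, dialog title and props …
    onFinished: async (confirm) => {
        if (!confirm) {
            return observer.update({state: OpenIDRequestState.Blocked});
        }
        return replyWithToken();
    },
```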
diff --git a/yarn.lock b/yarn.lock index def240fdf2..966a70d373 100644 --- a/yarn.lock +++ b/yarn.lock @@ -6532,10 +6532,10 @@ matrix-react-test-utils@^0.2.2: resolved "https://registry.yarnpkg.com/matrix-react-test-utils/-/matrix-react-test-utils-0.2.2.tgz#c87144d3b910c7edc544a6699d13c7c2bf02f853" integrity sha512-49+7gfV6smvBIVbeloql+37IeWMTD+fiywalwCqk8Dnz53zAFjKSltB3rmWHso1uecLtQEcPtCijfhzcLXAxTQ== -matrix-widget-api@^0.1.0-beta.9: - version "0.1.0-beta.9" - resolved "https://registry.yarnpkg.com/matrix-widget-api/-/matrix-widget-api-0.1.0-beta.9.tgz#83952132c1610e013acb3e695f923f971ddd5637" - integrity sha512-nXo4iaquSya6hYLXccX8o1K960ckSQ0YXIubRDha+YmB+L09F5a7bUPS5JN2tYANOMzyfFAzWVuFwjHv4+K+rg== +matrix-widget-api@^0.1.0-beta.10: + version "0.1.0-beta.10" + resolved "https://registry.yarnpkg.com/matrix-widget-api/-/matrix-widget-api-0.1.0-beta.10.tgz#2e4d658d90ff3152c5567089b4ddd21fb44ec1dd" + integrity sha512-yX2UURjM1zVp7snPiOFcH9+FDBdHfAdt5HEAyDUHGJ7w/F2zOtcK/y0dMlZ1+XhxY7Wv0IBZH0US8X/ioJRX1A== dependencies: events "^3.2.0"