1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-30 08:09:15 +01:00
metamask-extension/app/scripts/controllers/provider-approval.js

176 lines
6.1 KiB
JavaScript
Raw Normal View History

2018-09-27 20:19:09 +02:00
const ObservableStore = require('obs-store')
const SafeEventEmitter = require('safe-event-emitter')
const createAsyncMiddleware = require('json-rpc-engine/src/createAsyncMiddleware')
2019-09-16 23:07:44 +02:00
const { errors: rpcErrors } = require('eth-json-rpc-errors')
2018-09-27 20:19:09 +02:00
/**
* A controller that services user-approved requests for a full Ethereum provider API
*/
class ProviderApprovalController extends SafeEventEmitter {
2018-09-27 20:19:09 +02:00
/**
* Creates a ProviderApprovalController
*
* @param {Object} [config] - Options to configure controller
*/
constructor ({ closePopup, initState, keyringController, openPopup, preferencesController } = {}) {
super()
2018-09-27 20:19:09 +02:00
this.closePopup = closePopup
2018-10-29 22:28:59 +01:00
this.keyringController = keyringController
2018-09-27 20:19:09 +02:00
this.openPopup = openPopup
2018-10-10 20:52:26 +02:00
this.preferencesController = preferencesController
this.memStore = new ObservableStore({
providerRequests: [],
})
const defaultState = { approvedOrigins: {} }
this.store = new ObservableStore(Object.assign(defaultState, initState))
}
2018-10-29 22:28:59 +01:00
/**
* Called when a user approves access to a full Ethereum provider API
*
* @param {object} opts - opts for the middleware contains the origin for the middleware
*/
createMiddleware ({ senderUrl, extensionId, getSiteMetadata }) {
return createAsyncMiddleware(async (req, res, next) => {
// only handle requestAccounts
if (req.method !== 'eth_requestAccounts') return next()
// if already approved or privacy mode disabled, return early
const isUnlocked = this.keyringController.memStore.getState().isUnlocked
const origin = senderUrl.hostname
if (this.shouldExposeAccounts(origin) && isUnlocked) {
res.result = [this.preferencesController.getSelectedAddress()]
return
}
// register the provider request
const metadata = { hostname: senderUrl.hostname, origin }
if (extensionId) {
metadata.extensionId = extensionId
} else {
const siteMetadata = await getSiteMetadata(origin)
Object.assign(metadata, { siteTitle: siteMetadata.name, siteImage: siteMetadata.icon})
}
this._handleProviderRequest(metadata)
// wait for resolution of request
const approved = await new Promise(resolve => this.once(`resolvedRequest:${origin}`, ({ approved }) => resolve(approved)))
if (approved) {
res.result = [this.preferencesController.getSelectedAddress()]
} else {
2019-09-16 23:07:44 +02:00
throw rpcErrors.eth.userRejectedRequest('User denied account authorization')
}
})
2018-09-27 20:19:09 +02:00
}
/**
* @typedef {Object} SiteMetadata
* @param {string} hostname - The hostname of the site
* @param {string} origin - The origin of the site
* @param {string} [siteTitle] - The title of the site
* @param {string} [siteImage] - The icon for the site
* @param {string} [extensionId] - The extension ID of the extension
*/
2018-09-27 20:19:09 +02:00
/**
* Called when a tab requests access to a full Ethereum provider API
*
* @param {SiteMetadata} siteMetadata - The metadata for the site requesting full provider access
2018-09-27 20:19:09 +02:00
*/
_handleProviderRequest (siteMetadata) {
const { providerRequests } = this.memStore.getState()
const origin = siteMetadata.origin
this.memStore.updateState({
providerRequests: [
...providerRequests,
siteMetadata,
],
})
const isUnlocked = this.keyringController.memStore.getState().isUnlocked
const { approvedOrigins } = this.store.getState()
const originAlreadyHandled = approvedOrigins[origin]
if (originAlreadyHandled && isUnlocked) {
2018-09-27 20:19:09 +02:00
return
}
this.openPopup && this.openPopup()
}
/**
* Called when a user approves access to a full Ethereum provider API
*
* @param {string} origin - origin of the domain that had provider access approved
2018-09-27 20:19:09 +02:00
*/
approveProviderRequestByOrigin (origin) {
if (this.closePopup) {
this.closePopup()
}
const { approvedOrigins } = this.store.getState()
const { providerRequests } = this.memStore.getState()
const providerRequest = providerRequests.find((request) => request.origin === origin)
const remainingProviderRequests = providerRequests.filter(request => request.origin !== origin)
this.store.updateState({
approvedOrigins: {
...approvedOrigins,
[origin]: {
siteTitle: providerRequest ? providerRequest.siteTitle : null,
siteImage: providerRequest ? providerRequest.siteImage : null,
hostname: providerRequest ? providerRequest.hostname : null,
},
},
})
this.memStore.updateState({ providerRequests: remainingProviderRequests })
this.emit(`resolvedRequest:${origin}`, { approved: true })
2018-09-27 20:19:09 +02:00
}
/**
* Called when a tab rejects access to a full Ethereum provider API
*
* @param {string} origin - origin of the domain that had provider access approved
2018-09-27 20:19:09 +02:00
*/
rejectProviderRequestByOrigin (origin) {
if (this.closePopup) {
this.closePopup()
}
const { approvedOrigins } = this.store.getState()
const { providerRequests } = this.memStore.getState()
const remainingProviderRequests = providerRequests.filter(request => request.origin !== origin)
// We're cloning and deleting keys here because we don't want to keep unneeded keys
const _approvedOrigins = Object.assign({}, approvedOrigins)
delete _approvedOrigins[origin]
this.store.putState({ approvedOrigins: _approvedOrigins })
this.memStore.putState({ providerRequests: remainingProviderRequests })
this.emit(`resolvedRequest:${origin}`, { approved: false })
2018-09-27 20:19:09 +02:00
}
/**
* Clears any approvals for user-approved origins
2018-09-27 20:19:09 +02:00
*/
clearApprovedOrigins () {
this.store.updateState({
approvedOrigins: {},
})
2018-09-27 20:19:09 +02:00
}
/**
2018-11-06 20:13:27 +01:00
* Determines if a given origin should have accounts exposed
2018-09-27 20:19:09 +02:00
*
* @param {string} origin - Domain origin to check for approval status
* @returns {boolean} - True if the origin has been approved
*/
2018-11-06 20:13:27 +01:00
shouldExposeAccounts (origin) {
return Boolean(this.store.getState().approvedOrigins[origin])
2018-09-27 20:19:09 +02:00
}
2018-10-29 23:44:04 +01:00
/**
* Returns a merged state representation
* @return {object}
* @private
*/
_getMergedState () {
return Object.assign({}, this.memStore.getState(), this.store.getState())
}
2018-09-27 20:19:09 +02:00
}
module.exports = ProviderApprovalController