Disable approval caching

app/scripts/contentscript.js

@@ -142,7 +142,7 @@ function listenForProviderRequest () {
     }
   })
 
-  extension.runtime.onMessage.addListener(({ action = '', isApproved, isUnlocked }) => {
+  extension.runtime.onMessage.addListener(({ action = '', isApproved, caching, isUnlocked }) => {
     switch (action) {
       case 'approve-provider-request':
         isEnabled = true
@@ -152,11 +152,15 @@ function listenForProviderRequest () {
         injectScript(`window.dispatchEvent(new CustomEvent('ethereumprovider', { detail: { error: 'User rejected provider access' }}))`)
         break
       case 'answer-is-approved':
-        injectScript(`window.dispatchEvent(new CustomEvent('ethereumisapproved', { detail: { isApproved: ${isApproved}}}))`)
+        injectScript(`window.dispatchEvent(new CustomEvent('ethereumisapproved', { detail: { isApproved: ${isApproved}, caching: ${caching}}}))`)
         break
       case 'answer-is-unlocked':
         injectScript(`window.dispatchEvent(new CustomEvent('metamaskisunlocked', { detail: { isUnlocked: ${isUnlocked}}}))`)
         break
+      case 'metamask-set-locked':
+        isEnabled = false
+        injectScript(`window.dispatchEvent(new CustomEvent('metamasksetlocked', { detail: {}}))`)
+        break
     }
   })
 }

app/scripts/controllers/provider-approval.js

@@ -4,6 +4,11 @@ const ObservableStore = require('obs-store')
  * A controller that services user-approved requests for a full Ethereum provider API
  */
 class ProviderApprovalController {
+  /**
+   * Determines if caching is enabled
+   */
+  caching = false
+
   /**
    * Creates a ProviderApprovalController
    *
@@ -44,7 +49,7 @@ class ProviderApprovalController {
    */
   _handleProviderRequest (origin) {
     this.store.updateState({ providerRequests: [{ origin }] })
-    if (this.isApproved(origin)) {
+    if (this.isApproved(origin) && this.caching) {
       this.approveProviderRequest(origin)
       return
     }
@@ -57,8 +62,9 @@ class ProviderApprovalController {
    * @param {string} origin - Origin of the window
    */
   _handleIsApproved (origin) {
-    const isApproved = this.isApproved(origin)
-    this.platform && this.platform.sendMessage({ action: 'answer-is-approved', isApproved }, { active: true })
+    const isApproved = this.isApproved(origin) && this.caching
+    const caching = this.caching
+    this.platform && this.platform.sendMessage({ action: 'answer-is-approved', isApproved, caching }, { active: true })
   }
 
   /**
@@ -125,6 +131,14 @@ class ProviderApprovalController {
     const privacyMode = this.preferencesController.getFeatureFlags().privacyMode
     return !privacyMode || this.approvedOrigins[origin]
   }
+
+  /**
+   * Tells all tabs that MetaMask is now locked. This is primarily used to set
+   * internal flags in the contentscript and inpage script.
+   */
+  setLocked () {
+    this.platform.sendMessage({ action: 'metamask-set-locked' })
+  }
 }
 
 module.exports = ProviderApprovalController

app/scripts/inpage.js

@@ -35,6 +35,11 @@ var inpageProvider = new MetamaskInpageProvider(metamaskStream)
 // set a high max listener count to avoid unnecesary warnings
 inpageProvider.setMaxListeners(100)
 
+// set up a listener for when MetaMask is locked
+window.addEventListener('metamasksetlocked', () => {
+  isEnabled = false
+})
+
 // augment the provider with its enable method
 inpageProvider.enable = function () {
   return new Promise((resolve, reject) => {
@@ -101,7 +106,11 @@ inpageProvider._metamask = new Proxy({
         if (typeof detail.error !== 'undefined') {
           reject(detail.error)
         } else {
+          if (!detail.caching) {
             resolve(!!detail.isApproved)
+          } else {
+            resolve(isEnabled)
+          }
         }
       })
       window.postMessage({ type: 'ETHEREUM_IS_APPROVED' }, '*')

app/scripts/metamask-controller.js

@@ -1581,6 +1581,7 @@ module.exports = class MetamaskController extends EventEmitter {
    * Locks MetaMask
    */
   setLocked() {
+    this.providerApprovalController.setLocked()
     return this.keyringController.setLocked()
   }
 }