* add PermissionsController
remove provider approval controller
integrate rpc-cap
create PermissionsController
move provider approval functionality to permissions controller
add permissions approval ui, settings page
add permissions activity and history
move some functionality to metamask-inpage-provider
rename siteMetadata -> domainMetadata
add accountsChange notification to inpage provider
move functionality to inpage provider
update inpage provider
Remove 'Connections' settings page (#7369)
add hooks for exposing accounts in settings
rename unused messages in non-English locales
Add external extension id to metadata (#7396)
update inpage provider, rpc-cap
add eth_requestAccounts handling to background
prevent notifying connections if extension is locked
update inpage provider
Fix lint errors
add migration
review fixes
transaction controller review updates
removed unused messages
* Login Per Site UI (#7368)
* LoginPerSite original UI changes to keep
* First commit
* Get necessary connected tab info for redirect and icon display for permissioned sites
* Fix up designs and add missing features
* Some lint fixes
* More lint fixes
* Ensures the tx controller + tx-state-manager orders transactions in the order they are received
* Code cleanup for LoginPerSite-ui
* Update e2e tests to use new connection flow
* Fix display of connect screen and app header after login when connect request present
* Update metamask-responsive-ui.spec for new item in accounts dropdown
* Fix approve container by replacing approvedOrigins with domainMetaData
* Adds test/e2e/permissions.spec.js
* Correctly handle cancellation of a permissions request
* Redirect to home after disconnecting all sites / cancelling all permissions
* Fix display of site icons in menu
* Fix height of permissions page container
* Remove unused locale messages
* Set default values for openExternalTabs and tabIdOrigins in account-menu.container
* More code cleanup for LoginPerSite-ui
* Use extensions api to close tab in permissions-connect
* Remove unnecessary change in domIsReady() in contentscript
* Remove unnecessary private function markers and class methods (for background tab info) in metamask-controller.
* Adds getOriginOfCurrentTab selector
* Adds IconWithFallback component and substitutes for appropriate cases
* Add and utilize font mixins
* Remove unused method in disconnect-all.container.js
* Simplify buttonSizeLarge code in page-container-footer.component.js
* Add and utilize getAccountsWithLabels selector
* Remove console.log in ui/app/store/actions.js
* Change last connected time format to yyyy-M-d
* Fix css associated with IconWithFallback change
* Ensure tracked openNonMetamaskTabsIDs are correctly set to inactive on tab changes
* Code cleanup for LoginPerSite-ui
* Use reusable function for modifying openNonMetamaskTabsIDs in background.js
* Enables automatic switching to connected account when connected domain is open
* Prevent exploit of tabIdOriginMap in background.js
* Remove unneeded code from contentscript.js
* Simplify current tab origin and window opener logic using remotePort listener tabs.queryTabs
* Design and styling fixes for LoginPerSite-ui
* Fix permissionHistory and permission logging for eth_requestAccounts and eth_accounts
* Front end changes to support display of lastConnected time in connected and permissions screens
* Fix lint errors
* Refactor structure of permissionsHistory
* Fix default values and object modifications for domain and permissionsHistory related data
* Fix connecting to new accounts from modal
* Replace retweet.svg with connect-white.svg
* Fix signature-request.spec
* Update metamask-inpage-provider version
* Fix permissions e2e tests
* Remove unneeded delay from test/e2e/signature-request.spec.js
* Add delay before attempting to retrieve network id in dapp in ethereum-on=.spec
* Use requestAccountTabIds strategy for determining tab id that opened a given window
* Improve default values for permissions requests
* Add some message descriptions to app/_locales/en/messages.json
* Code clean up in permission controller
* Stopped deep cloning object in mapObjectValues
* Bump metamask-inpage-provider version
* Add missing description in app/_locales/en/messages.json
* Return promises from queryTabs and switchToTab of extension.js
* Remove unused getAllPermissions function
* Use default props in icon-with-fallback.component.js
* Stop passing to permissions controller
* Delete no longer used clear-approved-origins modal code
* Remove duplicate imports in ui/app/components/app/index.scss
* Use URL instead of regex in getOriginFromUrl()
* Add runtime error checking to platform, promise based extension.tab methods
* Support permission requests from external extensions
* Improve font size and colour of the domain origin on the permission confirmation screen
* Add support for toggling permissions
* Ensure getRenderablePermissionsDomains only returns domains with exposedAccount caveat permissions
* Remove unused code from LoginPerSite-ui branch
* Ensure modal closes on Enter press for new-account-modal.component.js
* Lint fix
* fixup! Login Per Site UI (#7368)
* Some code cleanup for LoginPerSite
* Adds UX for connecting to dapps via the connected sites screen (#7593)
* Adds UX for connecting to dapps via the connected sites screen
* Use openMetaMaskTabIds from background.js to determine if current active tab is MetaMask
* Delete unused permissions controller methods
* Fixes two small bugs in the LoginPerSite ui (#7595)
* Restore `providerRequest` message translations (#7600)
This message was removed, but it was replaced with a very similar
message called `likeToConnect`. The only difference is that the new
message has "MetaMask" in it. Preserving these messages without
"MetaMask" is probably better than deleting them, so these messages
have all been restored and renamed to `likeToConnect`.
* Login per site no sitemetadata fix (#7610)
* Support connected sites for which we have no site metadata.
* Change property containing subtitle info often populated by origin to a more accurate of purpose name
* Lint fix
* Improve disconnection modal messages (#7612)
* Improve disconnectAccountModalDescription and disconnectAllModalDescription messages
* Update disconnectAccountModalDescription app/_locales/en/messages.json
Co-Authored-By: Mark Stacey <markjstacey@gmail.com>
* Improve disconnectAccount modal message clarity
* Adds cancel button to the account selection screen of the permissions request flow (#7613)
* Fix eth_accounts permission language & selectability (#7614)
* fix eth_accounts language & selectability
* fix MetaMask capitalization in all messages
* Close sidebar when opening connected sites (#7611)
The 'Connected Sites' button in the accounts details now closes the
sidebar, if it is open. This was accomplished by pulling the click
handler for that button up to the wallet view component, where another
button already followed a similar pattern of closing the sidebar.
It seemed confusing to me that one handler was in the `AccountsDetails`
container component, and one was handed down from above, so I added
PropTypes to the container component.
I'm not sure that the WalletView component is the best place for this
logic, but I've put it there for now to be consistent with the add
token button.
* Reject permissions request upon tab close (#7618)
Permissions requests are now rejected when the page is closed. This
only applies to the full-screen view, as that is the view permission
requests should be handled in. The case where the user deals with the
request through a different view is handled in #7617
* Handle tab update failure (#7619)
`extension.tabs.update` can sometimes fail if the user interacts with
the tabs directly around the same time. The redirect flow has been
updated to ensure that the permissions tab is still closed in that
case. The user is on their own to find the dapp tab again in that case.
* Login per site tab popup fixes (#7617)
* Handle redirect in response to state update in permissions-connect
* Ensure origin is available to permissions-connect subcomponents during redirect
* Hide app bar whenever on redirect route
* Improvements to handling of redirects in permissions-connect
* Ensure permission request id change handling only happens when page is not null
* Lint fix
* Decouple confirm transaction screen from the selected address (#7622)
* Avoid race condtion that could prevent contextual account switching (#7623)
There was a race condition in the logic responsible for switching the
selected account based upon the active tab. It was asynchronously
querying the active tab, then assuming it had been retrieved later.
The active tab info itself was already in the redux store in another
spot, one that is guaranteed to be set before the UI renders. The
race condition was avoided by deleting the duplicate state, and using
the other active tab state.
* Only redirect back to dapp if current tab is active (#7621)
The "redirect back to dapp" behaviour can be disruptive when the
permissions connect tab is not active. The purpose of the redirect was
to maintain context between the dapp and the permissions request, but
if the user has already moved to another tab, that no longer applies.
* Fix JSX style lint errors
* Remove unused state
* Add support for one-click onboarding
MetaMask now allows sites to register as onboarding the user, so that
the user is redirected back to the initiating site after onboarding.
This is accomplished through the use of the `metamask-onboarding`
library and the MetaMask forwarder.
At the end of onboarding, a 'snackbar'-stype component will explain to the
user they are about to be moved back to the originating dapp, and it will
show the origin of that dapp. This is intended to help prevent phishing
attempts, as it highlights that a redirect is taking place to an untrusted
third party.
If the onboarding initiator tab is closed when onboarding is finished,
the user is redirected to the onboarding originator as a fallback.
Closes#6161
* Add onboarding button to contract test dapp
The `contract-test` dapp (run with `yarn dapp`, used in e2e tests) now
uses a `Connect` button instead of connecting automatically. This
button also serves as an onboarding button when a MetaMask installation
is not detected.
* Add new static server for test dapp
The `static-server` library we were using for the `contract-test` dapp
didn't allow referencing files outside the server root. This should
have been possible to work around using symlinks, but there was a bug
that resulted in symlinks crashing the server.
Instead it has been replaced with a simple static file server that
will serve paths starting with `node_modules` from the project root.
This will be useful in testing the onboarding library without vendoring
it.
* Add `@metamask/onboarding` and `@metamask/forwarder`
Both libraries used to test onboarding are now included as dev
dependencies, to help with testing. A few convenience scripts
were added to help with this (`yarn forwarder` and `yarn dapp-forwarder`)
The units for the amounts shown on the approve screen in the
transaction fee section were missing. It appears that they were present
in an early version of the approve screen (#7271) but they got lost
somewhere along the way.
Maker has upgraded its Dai token to "Multi-Collateral Dai" (MCD) and requires
all users interacting with Dai migrate their tokens to the new version. Dai
now exclusively refers to Multi-Collateral Dai and what was previouly called
Dai is now Sai (Single Collateral Dai).
In this description, Sai refers to what was (prior to the 2019-11-18) known as Dai.
Dai is the _new_ token.
This changeset:
1. Only affects users who had non-zero Sai at the old contract address
2. Displays a persistent notification for users with Sai
3. Updates the token symbol for users already tracking the Sai token
4. Bumps our direct and indirect eth-contract-metadata dependencies
The notification copy:
> A message from Maker: The new Multi-Collateral Dai token has been released. Your old tokens are now called Sai. Please upgrade your Sai tokens to the new Dai.
The copy is from the Maker team.
* Redesign approve screen
* Add translations to approve screen components
* Show account in header of approve screen
* Use state prop bool for unlimited vs custom check in edit-approval-permission
* Set option to custom on input change in edit-approval-permission
* Allow setting of approval amount to unlimited in edit-approval-permission
* Fix height of confirm-approval popup
* Ensure decimals prop passted to confirm-approve.component is correct type
* Ensure first param passed to calcTokenValue in confirm-approve.util is the correct type
* Fix e2e test of permission editing
* Remove unused code from edit-approval-permission.container
* ENS Reverse Resolution support
* Save punycode for ENS domains with Unicode characters
* Update SenderToRecipient recipientEns tooltip
* Use cached results when reverse-resolving ENS names
* Display ENS names in tx activity log
* Add estimated time to pending transactions
* add sytles for pending transactions component
* add media queries styling for pending transactions component
* fix lint errors, remove extra spaces
* refactor code to call `fetchBasicGasAndTimeEstimates` method once
* refactor code to call `getgetRenderableTimeEstimate` method once
* fix, correct export to use `transaction-time-remaining-component`
* fix indentation issues after running `yarn lint`
* newBigSigDig in gas-price-chart.utils supports strings
* Code cleanup
* Ensure fetchBasicGasAndTimeEstimates is only called from tx-list if there are pending-txs
* Move gas time estimate utilities into utility file
* Move getTxParams to transaction selector file
* Add feature flag for display of remaining transaction time in tx history list
* Fix circular dependency by removing unused import of transactionSelector in selectors.js
* Use correct feature flag property name transactionTime
* Ensure that tx list component correctly responds to turning tx time feature on
* Prevent precision errors in newBigSigDig
* Code clean up for pending transaction times
* Update transaction-time-remaining feature to count down seconds, countdown seconds and show '< 30'
* Code clean up for transaction-time-remaining feature
* Cleanup beforeunload handler after transaction is resolved
The notification window was updated to reject transactions upon close
in #6340. A handler that rejects the transaction was added to
`window.onbeforeunload`, and it was cleared in `actions.js` if it was
confirmed or rejected.
However, the `onbeforeunload` handler remained uncleared if the
transaction was resolved in another window. This results in the
transaction being rejected when the notification window closes, even
long after the transaction is submitted and confirmed. This has been
the cause of many problems with the Firefox e2e tests.
Instead the `onbeforeunload` handler is cleared in the
`componentWillUnmount` lifecycle function, alongside where it's set in
the first place. This ensures that it's correctly unset regardless
of how the transaction was resolved, and it better matches user
expectations.
* Fix indentation and remove redundant export
The `run-all.sh` Bash script now uses consistent indentation, and is
consistent about only re-exporting the Ganache arguments when they
change.
* Ensure transactions are completed before checking balance
Various intermittent e2e test failures appear to be caused by React
re-rendering the transaction list during the test, as the transaction
goes from pending to confirmed. To avoid this race condition, the
transaction is now explicitly looked for in the confirmed transaction
list in each of the tests using this pattern.
* Enable all e2e tests on Firefox
The remaining tests that were disabled on Firefox now work correctly.
Only a few timing adjustments were needed.
* Update Firefox used in CI
Firefox v70 is now used on CI instead of v68. This necessitated
rewriting the function where the extension ID was obtained because the
Firefox extensions page was redesigned.
* tests - create tests for pending middlewares
* transactions - add r,s,v values to the txMeta to match the JSON rpc response
* network - add new middleware for eth_getTransactionByHash that the checks pending tx's for a response value
* transactions/pending - use getTransactionReceipt for checking if tx is in a block
* meta - file rename
If the extension ID is set, an alternate title and subtitle are used
for the Connect Request screen. The title is always `External
Extension`, and the subtitle is `Extension ID: [id]` instead of the
origin (which would just be `[extension-scheme]://[id]` anyway).
The hostname for the site is used as a fallback in case it has no
title.
The artificial hostname set for internal connections has been renamed
from 'MetaMask' to 'metamask' because URL objects automatically
normalize hostnames to be all lower-case, and it was more convenient to
use a URL object so that the parameter would be the same type as used
for an untrusted connection.
* Add a delay after connecting
This addresses an intermittent test failure where the MetaMask
Notification window cannot be found. It appears to be caused by the
Send button being clicked too soon after connecting to a dapp, before
the background has had a chance to process the approval. The premature
send is ignored and the window never appears.
This delay (2 seconds) should be sufficient time for the connection to
be processed. A later 5-second delay was also reduced to 2 seconds.
* Select onboarding buttons by button text
The onboarding buttons were being selected using the classname, which
was common to all onboarding buttons. This resulting in buttons being
selected just before a page transition, leading to an error about
the element reference being stale when a click was attempted.
The CSS class selectors have been replaced by text selectors, which
are more specific and shouldn't be at risk of resolving early. They're
also easier to read.
* Remove retypeSeedPhrase function
This function was used to re-type the seed phrase in the event that a
failure occurred when confirming the seed phrase. I'm not sure what
failure this was meant to address exactly, but this contingency hasn't
been needed for some time. We can tell that it hasn't been used because
it wasn't updated for the incremental account security changes, so it
couldn't have worked since then (it would have clicked the wrong
button).
* Use `AdvancedGasInputs` in `AdvancedTabContent`
The `AdvancedGasInputs` component was originally extracted from the
`AdvancedTabContent` component, duplicating much of the rendering
logic. They have since evolved separately, with bugs being fixed in one
place but not the other.
The inputs and outputs expected weren't exactly the same, as the
`AdvancedGasInputs` component converts the input custom gas price and
limit, and it converts them both in the setter methods as well.
The `GasModalPageContainer` had to be adjusted to avoid converting
these values multiple times.
Both components dealt with input debouncing separately, both in less
than ideal ways. `AdvancedTabContent` didn't debounce either field, but
it did debounce the check for whether the gas limit field was below the
minimum value. So if a less-than-minimum value was set, it would be
propogated upwards and could be saved if the user clicked 'Save'
quickly enough. After a second delay it would snap back to the minimum
value. The `AdvancedGasInputs` component debounced both fields, but
it would replace any gas limit below the minimum with the minimum
value. This led to a problem where a brief pause during typing would
reset the field to 21000.
The `AdvancedGasInputs` approach was chosen, except that it was
updated to no longer change the gas limit if it was below the minimum.
Instead it displays an error. Parent components were checked to ensure
they would detect the error case of the gas limit being set too low,
and prevent the form submission in those cases. Of the three parents,
one had already dealt with it correctly, one needed to convert the
gas limit from hex first, and another needed the gas limit check added.
Closes#6872
* Cleanup send components
Empty README files have been removed, and a mistake in the index file
for the send page has been corrected. The Gas Slider component class
name was updated as well; it looks like it was originally created from
`AdvancedTabContent`, so it still had that class name.
* Ensure correct transaction category when sending to contracts but there is no txParams data
* Update gas when pasting address in send
* Gracefully fall back is send.util/estimateGas when blockGasLimit from background is falsy
* Remove network request frontend fallback for blockGasLimit
* Add some needed slow downs to e2e tests
The 3Box initialization is triggered by login, but it no longer blocks
the login from finishing. The 3Box initialization is designed to run in
the background, so there's no reason to block on it.
* Add UseNonce toggle
* Get the toggle actually working and dispatching
* Display nonce field on confirmation page
* Remove console.log
* Add placeholder
* Set customNonceValue
* Add nonce key/value to txParams
* remove customNonceValue from component state
* Use translation file and existing CSS class
* Use existing TextField component
* Remove console.log
* Fix lint nits
* Okay this sorta works?
* Move nonce toggle to advanced tab
* Set min to 0
* Wrap value in Number()
* Add customNonceMap
* Update custom nonce translation
* Update styles
* Reset CustomNonce
* Fix lint
* Get tests passing
* Add customNonceValue to defaults
* Fix test
* Fix comments
* Update tests
* Use camel case
* Ensure custom nonce can only be whole number
* Correct font size for custom nonce input
* UX improvements for custom nonce feature
* Fix advanced-tab-component tests for custom nonce changes
* Update title of nonce toggle in settings
* Remove unused locale message
* Cast custom nonce to string in confirm-transaction-base.component
* Handle string conversion and invalid values for custom nonces in handler
* Don't call getNonceLock in tx controller if there is a custom nonce
* Set nonce details for cases where nonce is customized
* Fix incorrectly use value for deciding whether to getnoncelock in approveTransaction
* Default nonceLock to empty object in approveTransaction
* Reapply use on nonceLock in cases where customNonceValue in approveTransaction.
* Show warning message if custom nonce is higher than MetaMask's next nonce
* Fix e2e test failure caused by custom nonce and 3box toggle conflict
* Update nonce warning message to include the suggested nonce
* Handle nextNonce comparison and update logic in lifecycle
* Default nonce field to suggested nonce
* Clear custom nonce on reject or confirm
* Fix bug where nonces are not shown in tx list on self sent transactions
* Ensure custom nonce is reset after tx is created in background
* Convert customNonceValue to number in approve tranasction controller
* Lint fix
* Call getNextNonce after updating custom nonce
* Delete unused code
* Run threebox imports through migrations
* Remove 3box feature flag
* Remove unnecessary use of 'type' in threebox._updatePlugin
* Fix threebox controller getLastUpdated
* Turn off threebox by default
* Rename restoredFromThreeBox to showRestorePrompt
* Remove accientally added method from threebox controller
* Restore from threebox on import from unlock screen
* Throw on non 404 errors from Box.getconfig in new3Box
* Adds ab test controller with a fullScreenVsPopup test
* Add migration for fullScreenVsPopup state
* Move abtest state under an 'abtests' object.
* MetaMask shows fullScreen group of a/b test unapproved txs in a full browser tab
* Ensure cancel metrics event in confirm-transaction-base.component.js is sent in all cases
* Switch to existing tab for unapproved tx if it exists when opening in full screen
* Send metrics event for entering a/b test from confirm screen
* Fix lint, unit and integration tests related to a/b test code
* Remove unnecessary tabs.query call in triggerUiInNewTab
* Adds threebox controller
* Adds threebox approval modal
* Fix unit tests and lint after addition of threebox
* Correct threebox behaviour after rejecting request for backup; fixes e2e tests.
* Update threebox controller for automatic syncing
* Ensure frontend locale updates when preferences are changed via direct update within controller
* Add toggle in settings for 3box syncing
* Update threebox controller for latest 3box version
* Delete unnecessary frontend changes for threebox integration
* Backing up address book contacts with threebox
* Update unit tests for 3box-integration additions
* Only enable threebox by default for new wallets
* Mock globals for correct unit tests
* 3box '1.10.2' -> '^1.10.2'
* Correct capilalization on 3Box
* Use log.debug instead of console.log in threebox controller
* Update yarn.lock
* Remove edge build
* Split 3box module into background deps js file
* extra bundle opts for bg-libs
* sync yarn.lock
* new3Box logic
* Show confirm threebox restore after import
* Remove bg-libs.js from manifest file for dev builds
* Switch 3Box controller to using the spaces api (instead of the profile api)
* Finalize switching to spaces api and only restoring from 3box after import
* Update metamask-controller-test.js for threebox controller changes
* Make threebox modal style consistent with others and update success button wording
* Use mock 3box when in test
* Correct 3box modal header
* Remove unnecessary property of threebox controller provider
* Remove unnecessary method calls after restoration from 3box in the threebox-restore-confirm modal.
* Replace setThreeBoxSyncingPermission calls in routes/index.js with turnThreeBoxSyncingOn
* Replace erroneous use of with
* Replace erroneous use of threeboxSyncing with threeBoxSyncingAllowed in advancted-tab directory
* Lint fixes for 3box changes
* Log errors encountered when updating 3Box
* Remove unnecessary parameter from state update
* Add timeout to initial 3Box sync
The initial 3Box sync will now timeout after 1 minute. If the timeout
is triggered, 3Box is disabled and cannot be re-enabled unless the
initial sync does finally finish. If it never finishes, 3Box cannot
be enabled unless the extension is reinstalled.
The Advanced Settings page was updated to show this option as disabled
in that circumstance, with a new discription explaining why it's
disabled. The UI here could certainly be improved.
Additionally, "on" and "off" labels were added to the toggle to match
the other toggles on the Advanced Settings page.
* Use non-minified 3Box module
We had previously used the minified 3Box module to avoid a build error
encountered when `envify` was processing the `libp2p` module (which is
used by 3Box). The build would fail because `esprima` (used by `envify`)
is incompatible with the object spread/rest operator (which is used in
`libp2p`).
That issue has been solved by adding a global Babelify transformation
specifically for transpiling out the object rest/spread operator from
dependencies. It has been targetted to only affect `libp2p` to avoid
extending the build time too much. This workaround can be used until
a new version of `esprima` is released that includes this bug fix.
* Use app key addresses for threebox
* Replace use of modal for confirming 3box restoration with a home notification
* Adds e2e tests for restoring from threebox
* Update eth-keyring-controller to 5.1.0
* Correct parameters passed to getAppKeyAddress in threebox.js
* Add prefix to origin passed to getAppKeyAddress in threebox.js
* Remove unused locale message.
* Prevent CORS errors in firefox e2e tests
* Ensure extraneous scripts are excluded from the local test dev build
* Move threeBoxLastUpdate state from home.component to redux
* Threebox PR code cleanup
* Always use first address when initializing threebox
* Replace setRestoredFromThreeBox api with setRestoredFromThreeBoxToFalse and setRestoredFromThreeBoxToTrue
* Update development/metamaskbot-build-announce.js to include ui-libs and bg-libs in hard coded bundle list
* Update test/e2e/threebox.spec.js to use new helpers added with pull #7144
* Make setFeatureFlag available on the ui window during testing
* Hide threebox feature behind a feature flag that can only be activated via dev console
* Remove unnecessary migration of threebox feature flag
* Prevent this.init() call in threebox constructor if feature flag is not turned on
* Prevent threebox notification from showing if feature flag is falsy
* http://localhost/8889 -> http://localhost/* in gulp manifest:testing tasks
* Make chainId available in the metamask-inpage-provider
* Update metamask-inpage-provider to 2.1.0
* Add e2e tests for ethereum.on events
* Move chainId constants to lib/enums.js
* Don't use new chainId enums in createInfuraClient
* Fix app/scripts/lib/select-chain-id.js
