/*
This file is part of TALER
(C) 2016 GNUnet e.V.
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software
Foundation; either version 3, or (at your option) any later version.
TALER is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with
TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
*/
/**
* Messaging for the WebExtensions wallet. Should contain
* parts that are specific for WebExtensions, but as little business
* logic as possible.
*/
/**
* Imports.
*/
import { BrowserHttpLib } from "../http";
import * as logging from "../logging";
import { AmountJson } from "../amounts";
import {
ConfirmReserveRequest,
CreateReserveRequest,
Notifier,
ReturnCoinsRequest,
} from "../walletTypes";
import { Wallet } from "../wallet";
import { isFirefox } from "./compat";
import { PurchaseRecord, WALLET_DB_VERSION } from "../dbTypes";
import { openTalerDb, exportDb, importDb, deleteDb } from "../db";
import { ChromeBadge } from "./chromeBadge";
import { MessageType } from "./messages";
import * as wxApi from "./wxApi";
import URI = require("urijs");
import Port = chrome.runtime.Port;
import MessageSender = chrome.runtime.MessageSender;
import { BrowserCryptoWorkerFactory } from "../crypto/cryptoApi";
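/**
 * Sentinel thrown by handlers that need a wallet while none is loaded.
 * It is a symbol, not an Error, so it carries no message or stack.
 */
const NeedsWallet = Symbol("NeedsWallet");

/**
 * Route one request from a content script or extension page to the wallet.
 *
 * `detail` is caller-supplied and untyped. Some cases validate the fields
 * they read; the rest pass them to the wallet unchecked.
 *
 * NOTE(review): no case decides on `sender` whether a request is allowed;
 * only "query-payment", "log-and-display-error" and "taler-pay" read it at
 * all. "dump-db", "import-db" and "reset-db" export, replace or erase the
 * whole wallet database, so confirm that only trusted extension pages can
 * reach this dispatcher.
 *
 * @param sender origin of the message as reported by the browser
 * @param type request name selecting the handler
 * @param detail request payload; shape depends on `type`
 * @returns a promise or plain value to send back, or undefined
 * @throws NeedsWallet when the case needs a wallet and none is loaded
 * @throws Error when a validated field is missing or has the wrong type
 */
function handleMessage(
  sender: MessageSender,
  type: MessageType,
  detail: any,
): any {
  // Only reachable when `type` is outside the MessageType union at runtime.
  function assertNotFound(t: never): never {
    console.error(`Request type ${t as string} unknown`);
    console.error(`Request detail was ${detail}`);
    return { error: "request unknown", requestType: type } as never;
  }

  // Returns the active wallet or aborts the handler with the sentinel.
  function needsWallet(): Wallet {
    if (!currentWallet) {
      throw NeedsWallet;
    }
    return currentWallet;
  }

  switch (type) {
    case "balances": {
      return needsWallet().getBalances();
    }
    case "dump-db": {
      // Exports the complete wallet database to the requester.
      const db = needsWallet().db;
      return exportDb(db);
    }
    case "import-db": {
      // Replaces database content with the caller-supplied dump.
      const db = needsWallet().db;
      return importDb(db, detail.dump);
    }
    case "ping": {
      return Promise.resolve();
    }
    case "reset-db": {
      if (currentWallet) {
        const db = currentWallet.db;
        const tx = db.transaction(Array.from(db.objectStoreNames), "readwrite");
        // tslint:disable-next-line:prefer-for-of
        for (let i = 0; i < db.objectStoreNames.length; i++) {
          tx.objectStore(db.objectStoreNames[i]).clear();
        }
      }
      deleteDb(indexedDB);
      setBadgeText({ text: "" });
      console.log("reset done");
      if (!currentWallet) {
        reinitWallet();
      }
      return Promise.resolve({});
    }
    case "create-reserve": {
      // Copy only the expected fields before running the checked constructor.
      const d = {
        amount: detail.amount,
        exchange: detail.exchange,
        senderWire: detail.senderWire,
      };
      const req = CreateReserveRequest.checked(d);
      return needsWallet().createReserve(req);
    }
    case "confirm-reserve": {
      const d = {
        reservePub: detail.reservePub,
      };
      const req = ConfirmReserveRequest.checked(d);
      return needsWallet().confirmReserve(req);
    }
    case "confirm-pay": {
      if (typeof detail.proposalId !== "number") {
        throw Error("proposalId must be number");
      }
      return needsWallet().confirmPay(detail.proposalId, detail.sessionId);
    }
    case "submit-pay": {
      if (typeof detail.contractTermsHash !== "string") {
        throw Error("contractTermsHash must be a string");
      }
      return needsWallet().submitPay(
        detail.contractTermsHash,
        detail.sessionId,
      );
    }
    case "check-pay": {
      if (typeof detail.proposalId !== "number") {
        throw Error("proposalId must be number");
      }
      return needsWallet().checkPay(detail.proposalId);
    }
    case "query-payment": {
      if (sender.tab && sender.tab.id) {
        // The cache is reset to {} periodically, so a tab's entry is usually
        // absent. Start from 0: incrementing `undefined` yields NaN, and
        // `NaN > 10` is never true, which would disable the limit.
        const tabId = sender.tab.id;
        const count = (rateLimitCache[tabId] || 0) + 1;
        rateLimitCache[tabId] = count;
        if (count > 10) {
          console.warn("rate limit for query-payment exceeded");
          const msg = {
            error: "rate limit exceeded for query-payment",
            hint: "Check for redirect loops",
            rateLimitExceeded: true,
          };
          return Promise.resolve(msg);
        }
      }
      return needsWallet().queryPaymentByFulfillmentUrl(detail.url);
    }
    case "exchange-info": {
      if (!detail.baseUrl) {
        return Promise.resolve({ error: "bad url" });
      }
      return needsWallet().updateExchangeFromUrl(detail.baseUrl);
    }
    case "currency-info": {
      if (!detail.name) {
        return Promise.resolve({ error: "name missing" });
      }
      return needsWallet().getCurrencyRecord(detail.name);
    }
    case "hash-contract": {
      if (!detail.contract) {
        return Promise.resolve({ error: "contract missing" });
      }
      return needsWallet()
        .hashContract(detail.contract)
        .then(hash => {
          return hash;
        });
    }
    case "reserve-creation-info": {
      if (!detail.baseUrl || typeof detail.baseUrl !== "string") {
        return Promise.resolve({ error: "bad url" });
      }
      const amount = AmountJson.checked(detail.amount);
      return needsWallet().getWithdrawDetailsForAmount(detail.baseUrl, amount);
    }
    case "get-history": {
      // TODO: limit history length
      return needsWallet().getHistory();
    }
    case "get-proposal": {
      return needsWallet().getProposal(detail.proposalId);
    }
    case "get-exchanges": {
      return needsWallet().getExchanges();
    }
    case "get-currencies": {
      return needsWallet().getCurrencies();
    }
    case "update-currency": {
      // The currency record is passed to the wallet without validation here.
      return needsWallet().updateCurrency(detail.currencyRecord);
    }
    case "get-reserves": {
      if (typeof detail.exchangeBaseUrl !== "string") {
        return Promise.reject(Error("exchangeBaseUrl missing"));
      }
      return needsWallet().getReserves(detail.exchangeBaseUrl);
    }
    case "get-payback-reserves": {
      return needsWallet().getPaybackReserves();
    }
    case "withdraw-payback-reserve": {
      if (typeof detail.reservePub !== "string") {
        return Promise.reject(Error("reservePub missing"));
      }
      return needsWallet().withdrawPaybackReserve(detail.reservePub);
    }
    case "get-coins": {
      if (typeof detail.exchangeBaseUrl !== "string") {
        return Promise.reject(Error("exchangBaseUrl missing"));
      }
      return needsWallet().getCoins(detail.exchangeBaseUrl);
    }
    case "get-precoins": {
      if (typeof detail.exchangeBaseUrl !== "string") {
        return Promise.reject(Error("exchangBaseUrl missing"));
      }
      return needsWallet().getPreCoins(detail.exchangeBaseUrl);
    }
    case "get-denoms": {
      if (typeof detail.exchangeBaseUrl !== "string") {
        return Promise.reject(Error("exchangBaseUrl missing"));
      }
      return needsWallet().getDenoms(detail.exchangeBaseUrl);
    }
    case "refresh-coin": {
      if (typeof detail.coinPub !== "string") {
        return Promise.reject(Error("coinPub missing"));
      }
      return needsWallet().refresh(detail.coinPub);
    }
    case "payback-coin": {
      if (typeof detail.coinPub !== "string") {
        return Promise.reject(Error("coinPub missing"));
      }
      return needsWallet().payback(detail.coinPub);
    }
    case "get-sender-wire-infos": {
      return needsWallet().getSenderWireInfos();
    }
    case "return-coins": {
      const d = {
        amount: detail.amount,
        exchange: detail.exchange,
        senderWire: detail.senderWire,
      };
      const req = ReturnCoinsRequest.checked(d);
      return needsWallet().returnCoins(req);
    }
    case "check-upgrade": {
      // A missing wallet is reported as "database reset required".
      let dbResetRequired = false;
      if (!currentWallet) {
        dbResetRequired = true;
      }
      const resp: wxApi.UpgradeResponse = {
        currentDbVersion: WALLET_DB_VERSION.toString(),
        dbResetRequired,
        oldDbVersion: (oldDbVersion || "unknown").toString(),
      };
      return resp;
    }
    case "log-and-display-error":
      logging.storeReport(detail).then(reportUid => {
        const url = chrome.extension.getURL(
          `/src/webex/pages/error.html?reportUid=${reportUid}`,
        );
        if (detail.sameTab && sender && sender.tab && sender.tab.id) {
          // Navigate the tab the browser attributes the message to. A tab id
          // taken from `detail` is caller-controlled and could point at any
          // other open tab.
          chrome.tabs.update(sender.tab.id, { url });
        } else {
          chrome.tabs.create({ url });
        }
      });
      return;
    case "get-report":
      return logging.getReport(detail.reportUid);
    case "get-purchase": {
      const contractTermsHash = detail.contractTermsHash;
      if (!contractTermsHash) {
        throw Error("contractTermsHash missing");
      }
      return needsWallet().getPurchase(contractTermsHash);
    }
    case "get-full-refund-fees":
      return needsWallet().getFullRefundFees(detail.refundPermissions);
    case "accept-refund":
      return needsWallet().acceptRefund(detail.refundUrl);
    case "get-tip-status": {
      return needsWallet().getTipStatus(detail.talerTipUri);
    }
    case "accept-tip": {
      return needsWallet().acceptTip(detail.talerTipUri);
    }
    case "clear-notification": {
      return needsWallet().clearNotification();
    }
    case "download-proposal": {
      // The URL is caller-supplied and handed to the wallet unchecked.
      return needsWallet().downloadProposal(detail.url);
    }
    case "abort-failed-payment": {
      if (!detail.contractTermsHash) {
        throw Error("contracTermsHash not given");
      }
      return needsWallet().abortFailedPayment(detail.contractTermsHash);
    }
    case "taler-pay": {
      const senderUrl = sender.url;
      if (!senderUrl) {
        console.log("can't trigger payment, no sender URL");
        return;
      }
      const tab = sender.tab;
      if (!tab) {
        console.log("can't trigger payment, no sender tab");
        return;
      }
      const tabId = tab.id;
      // NOTE(review): talerPay() declares `tabId: number`, so this string
      // check looks like it always returns and leaves the call below
      // unreachable. Confirm whether this case is meant to be disabled
      // before changing the comparison; talerPay() acts on page-supplied
      // URLs.
      if (typeof tabId !== "string") {
        console.log("can't trigger payment, no sender tab id");
        return;
      }
      talerPay(detail, senderUrl, tabId);
      return;
    }
    case "benchmark-crypto": {
      if (!detail.repetitions) {
        throw Error("repetitions not given");
      }
      return needsWallet().benchmarkCrypto(detail.repetitions);
    }
    case "get-withdraw-details": {
      return needsWallet().getWithdrawDetailsForUri(
        detail.talerWithdrawUri,
        detail.maybeSelectedExchange,
      );
    }
    case "accept-withdrawal": {
      return needsWallet().acceptWithdrawal(
        detail.talerWithdrawUri,
        detail.selectedExchange,
      );
    }
    case "prepare-pay":
      return needsWallet().preparePay(detail.talerPayUri);
    default:
      // Exhaustiveness check.
      // See https://www.typescriptlang.org/docs/handbook/advanced-types.html
      return assertNotFound(type);
  }
}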
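/**
 * Run one request through handleMessage() and deliver the outcome through
 * `sendResponse`.
 *
 * On failure the requester receives `{ error: "exception", message, stack }`.
 *
 * NOTE(review): the stack trace goes back to whoever sent the message, and
 * the full request is written to the console. Requests can carry wallet data
 * (handleMessage() reads `detail.dump` for "import-db"), so confirm both are
 * acceptable for every sender.
 *
 * @param req message object; `type` and `detail` are read from it
 * @param sender sender information passed through to handleMessage()
 * @param sendResponse callback that delivers the reply to the requester
 */
async function dispatch(
  req: any,
  sender: any,
  sendResponse: any,
): Promise<void> {
  // Read the type once so that a null or undefined `req` cannot make the
  // error path throw a second time while building its log line.
  const reqType = req ? req.type : undefined;
  try {
    const result = await handleMessage(sender, reqType, req.detail);
    try {
      sendResponse(result);
    } catch (sendErr) {
      // might fail if tab disconnected
    }
  } catch (e) {
    console.log(`exception during wallet handler for '${reqType}'`);
    console.log("request", req);
    console.error(e);
    let stack;
    try {
      // Thrown values need not be Errors (handleMessage() throws a symbol
      // when no wallet is loaded), so `stack` may be absent.
      stack = e.stack.toString();
    } catch (stackErr) {
      // might fail
    }
    try {
      sendResponse({
        error: "exception",
        message: e.message,
        stack,
      });
    } catch (sendErr) {
      console.log(sendErr);
      // might fail if tab disconnected
    }
  }
}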
/**
 * Notifier that broadcasts `{ notify: true }` to every runtime port that is
 * currently connected to the background page.
 *
 * Each instance registers its own `chrome.runtime.onConnect` listener in the
 * constructor and never removes it. Ports are tracked regardless of their
 * name or sender.
 */
class ChromeNotifier implements Notifier {
  private ports: Port[] = [];

  constructor() {
    chrome.runtime.onConnect.addListener(port => {
      console.log("got connect!");
      this.ports.push(port);
      port.onDisconnect.addListener(() => this.forget(port));
    });
  }

  /** Post the notification message to all tracked ports. */
  notify() {
    this.ports.forEach(port => {
      port.postMessage({ notify: true });
    });
  }

  /** Drop a disconnected port from the tracked list. */
  private forget(port: Port): void {
    const index = this.ports.indexOf(port);
    if (index < 0) {
      console.error("port already removed");
      return;
    }
    this.ports.splice(index, 1);
  }
}
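/**
 * Work out where a tab should go next for a payment-related request.
 *
 * The fields are tried in this order: `resource_url`, `contract_url`,
 * `offer_url`, `refund_url`, `tip`. The first one that applies decides the
 * result.
 *
 * Every value in `fields` comes from the requesting page. `offer_url` is
 * returned unchanged and `contract_url` is handed to the wallet for
 * download, so callers should treat the result as an untrusted URL.
 *
 * @param fields page-supplied payment fields
 * @param url URL of the requesting page (not read by this function)
 * @param tabId id of the requesting tab (not read by this function)
 * @returns the URL to navigate to, or undefined when no wallet is loaded or
 *          no field applies
 */
async function talerPay(
  fields: any,
  url: string,
  tabId: number,
): Promise<string | undefined> {
  if (!currentWallet) {
    console.log("can't handle payment, no wallet");
    return undefined;
  }
  const w = currentWallet;

  // Build the fulfillment URL for a purchase that was already made.
  const goToPayment = (p: PurchaseRecord): string => {
    const nextUrl = new URI(p.contractTerms.fulfillment_url);
    nextUrl.addSearch("order_id", p.contractTerms.order_id);
    if (p.lastSessionSig) {
      nextUrl.addSearch("session_sig", p.lastSessionSig);
    }
    return nextUrl.href();
  };

  if (fields.resource_url) {
    const p = await w.queryPaymentByFulfillmentUrl(fields.resource_url);
    // NOTE(review): this writes the whole purchase record to the console.
    console.log("query for resource url", fields.resource_url, "result", p);
    // Reuse the purchase only when no session was requested or it matches.
    if (
      p &&
      (fields.session_id === undefined || fields.session_id === p.lastSessionId)
    ) {
      return goToPayment(p);
    }
  }

  if (fields.contract_url) {
    const proposalId = await w.downloadProposal(fields.contract_url);
    const uri = new URI(
      chrome.extension.getURL("/src/webex/pages/confirm-contract.html"),
    );
    if (fields.session_id) {
      uri.addSearch("sessionId", fields.session_id);
    }
    uri.addSearch("proposalId", proposalId);
    const redirectUrl = uri.href();
    return redirectUrl;
  }

  if (fields.offer_url) {
    return fields.offer_url;
  }

  if (fields.refund_url) {
    console.log("processing refund");
    const uri = new URI(
      chrome.extension.getURL("/src/webex/pages/refund.html"),
    );
    return uri.query({ refundUrl: fields.refund_url }).href();
  }

  if (fields.tip) {
    const uri = new URI(chrome.extension.getURL("/src/webex/pages/tip.html"));
    return uri.query({ tip_token: fields.tip }).href();
  }

  return undefined;
}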
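/**
 * Promise wrapper around chrome.tabs.get().
 *
 * @param tabId id of the tab to look up
 * @returns the tab
 * @throws Error (as a rejection) when the browser reports an error or
 *         returns no tab
 */
function getTab(tabId: number): Promise<chrome.tabs.Tab> {
  return new Promise((resolve, reject) => {
    chrome.tabs.get(tabId, (tab: chrome.tabs.Tab) => {
      // Reading lastError marks it as checked. Without this a failed lookup
      // would resolve with no tab and break the caller on `tab.url`.
      const err = chrome.runtime.lastError;
      if (err || !tab) {
        reject(Error(err && err.message ? err.message : "tab not found"));
        return;
      }
      resolve(tab);
    });
  });
}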
/**
 * Set the browser-action badge text where the browser offers the API, and
 * log a warning where it does not.
 *
 * @param options badge text details passed straight to the browser API
 */
function setBadgeText(options: chrome.browserAction.BadgeTextDetails) {
  // not supported by all browsers ...
  const supported =
    chrome && chrome.browserAction && chrome.browserAction.setBadgeText;
  if (!supported) {
    console.warn("can't set badge text, not supported", options);
    return;
  }
  chrome.browserAction.setBadgeText(options);
}
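/**
 * Resolve after `timeoutMs` milliseconds, using the timer of the extension's
 * background page.
 *
 * @param timeoutMs delay in milliseconds
 */
function waitMs(timeoutMs: number): Promise<void> {
  return new Promise(resolve => {
    chrome.extension
      .getBackgroundPage()!
      .setTimeout(() => resolve(), timeoutMs);
  });
}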
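/**
 * Build a blocking-webRequest result that sends a tab to a wallet page by
 * way of the extension's redirect.html.
 *
 * `url` is appended to the extension's pages directory without checks;
 * callers must pass a fixed page name, never request-derived text. The
 * values in `params` are added as query parameters of that page and may
 * come from a remote server.
 *
 * @param url file name of the wallet page below /src/webex/pages/
 * @param tabId tab that issued the intercepted request
 * @param oldUrl URL of the intercepted request
 * @param params query parameters for the wallet page; empty or undefined
 *               values are skipped
 * @returns object with the `redirectUrl` for the webRequest listener
 */
function makeSyncWalletRedirect(
  url: string,
  tabId: number,
  oldUrl: string,
  params?: { [name: string]: string | undefined },
): object {
  const innerUrl = new URI(chrome.extension.getURL("/src/webex/pages/" + url));
  if (params) {
    // Own keys only, so inherited enumerable properties never end up in the
    // query string.
    for (const key of Object.keys(params)) {
      const value = params[key];
      if (value) {
        innerUrl.addSearch(key, value);
      }
    }
  }
  const outerUrl = new URI(
    chrome.extension.getURL("/src/webex/pages/redirect.html"),
  );
  outerUrl.addSearch("url", innerUrl);
  if (isFirefox()) {
    // Some platforms don't support the sync redirect (yet), so fall back to
    // async redirect after a timeout.
    const redirectLater = async (): Promise<void> => {
      await waitMs(150);
      const tab = await getTab(tabId);
      // Leave the tab alone when it has already moved on or is gone.
      if (tab && tab.url === oldUrl) {
        chrome.tabs.update(tabId, { url: outerUrl.href() });
      }
    };
    // The fallback is fire-and-forget; log a failure rather than leaving an
    // unhandled rejection.
    redirectLater().catch(e => {
      console.warn("async redirect failed", e);
    });
  }
  return { redirectUrl: outerUrl.href() };
}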
// Per-tab request counters, keyed by tab id, used to break redirect loops.
// In this file the "query-payment" handler increments them. A tab has no
// entry until its first request after a reset.
let rateLimitCache: { [n: number]: number } = {};

/**
 * Forget all per-tab counters by swapping in a fresh empty object.
 */
function clearRateLimitCache(): void {
  rateLimitCache = {};
}
/**
 * Currently active wallet instance. Might be unloaded and
 * re-instantiated when the database is reset.
 *
 * Undefined while no wallet is loaded; reinitWallet() clears and sets it.
 */
let currentWallet: Wallet | undefined;
/**
 * Last version of an outdated DB, if applicable.
 *
 * NOTE(review): no assignment to this variable is visible in this file, and
 * the "check-upgrade" handler reports "unknown" while it is unset. Confirm
 * where it is meant to be written.
 */
let oldDbVersion: number | undefined;
/**
 * Tell the user that the stored database cannot be migrated: open the
 * reset-required page in a new tab and show a red "err" badge.
 *
 * NOTE(review): neither parameter is read, and `oldDbVersion` shadows the
 * module-level variable of the same name, so nothing is recorded here.
 *
 * @param oldDbVersion version of the database found on disk (unused)
 * @param newDbVersion version this build expects (unused)
 */
function handleUpgradeUnsupported(oldDbVersion: number, newDbVersion: number) {
  console.log("DB migration not supported");
  const resetPageUrl = chrome.extension.getURL(
    "/src/webex/pages/reset-required.html",
  );
  chrome.tabs.create({ url: resetPageUrl });
  setBadgeText({ text: "err" });
  chrome.browserAction.setBadgeBackgroundColor({ color: "#F00" });
}
/**
 * Stop the active wallet, if any, and create a new one on a freshly opened
 * database.
 *
 * When the database cannot be opened the error is logged and
 * `currentWallet` stays undefined.
 *
 * NOTE(review): every call constructs a new ChromeNotifier, whose
 * constructor adds another chrome.runtime.onConnect listener that is never
 * removed.
 */
async function reinitWallet() {
  const previous = currentWallet;
  if (previous) {
    previous.stop();
    currentWallet = undefined;
  }
  setBadgeText({ text: "" });
  const badge = new ChromeBadge();

  let db: IDBDatabase;
  try {
    // reinitWallet and handleUpgradeUnsupported are passed as callbacks.
    db = await openTalerDb(indexedDB, reinitWallet, handleUpgradeUnsupported);
  } catch (e) {
    console.error("could not open database", e);
    return;
  }

  const http = new BrowserHttpLib();
  const notifier = new ChromeNotifier();
  console.log("setting wallet");
  const cryptoFactory = new BrowserCryptoWorkerFactory();
  const wallet = new Wallet(db, http, badge, notifier, cryptoFactory);

  // Useful for debugging in the background page. This makes the live wallet
  // object reachable as `window.talerWallet` from that page's console.
  (window as any).talerWallet = wallet;
  currentWallet = wallet;
}
/**
 * Inject a script into a tab and log a warning when the browser reports
 * that the injection failed.
 *
 * The tab's reported URL does not always match what is really loaded (an
 * unloaded page, a "no internet" page), and injection then fails in a
 * confusing way.
 *
 * @param tabId tab to inject into
 * @param details script file or code, and when to run it
 * @param actualUrl URL used only in the warning message
 */
function injectScript(
  tabId: number,
  details: chrome.tabs.InjectDetails,
  actualUrl: string,
): void {
  const reportFailure = () => {
    // Required to squelch chrome's "unchecked lastError" warning.
    const failure = chrome.runtime.lastError;
    if (!failure) {
      return;
    }
    console.warn("injection failed on page", actualUrl, failure.message);
  };
  chrome.tabs.executeScript(tabId, details, reportFailure);
}
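/**
 * Main function to run for the WebExtension backend.
 *
 * Sets up all event handlers and other machinery:
 * - reloads the extension when an update is available,
 * - records uncaught errors of the background page,
 * - injects the content script and the probe snippet into open http/https
 *   tabs, and re-runs the probe after each completed tab update,
 * - clears the per-tab rate-limit counters every 5 seconds,
 * - passes every runtime message to dispatch(),
 * - redirects tabs to wallet pages on HTTP 402 responses that carry a
 *   `Taler` header.
 *
 * The `Taler` header value is chosen by the responding server. It is only
 * prefix-checked here and then forwarded as a query parameter to an
 * extension page, which has to parse and validate it.
 */
export async function wxMain() {
  // Explicitly unload the extension page as soon as an update is available,
  // so the update gets installed as soon as possible.
  chrome.runtime.onUpdateAvailable.addListener(details => {
    console.log("update available:", details);
    chrome.runtime.reload();
  });

  window.onerror = (m, source, lineno, colno, error) => {
    logging.record(
      "error",
      "".concat(m as any, error as any),
      undefined,
      source || "(unknown)",
      lineno || 0,
      colno || 0,
    );
  };

  // Snippet run inside pages: announces the wallet when the page shows
  // Taler support.
  const probeCode = `
    if (("taler" in window) || document.documentElement.getAttribute("data-taler-nojs")) {
      document.dispatchEvent(new Event("taler-probe-result"));
    }
  `;

  chrome.tabs.query({}, tabs => {
    console.log("got tabs", tabs);
    for (const tab of tabs) {
      if (!tab.url || !tab.id) {
        continue;
      }
      const uri = new URI(tab.url);
      if (uri.protocol() !== "http" && uri.protocol() !== "https") {
        continue;
      }
      console.log(
        "injecting into existing tab",
        tab.id,
        "with url",
        uri.href(),
        "protocol",
        uri.protocol(),
      );
      injectScript(
        tab.id,
        { file: "/dist/contentScript-bundle.js", runAt: "document_start" },
        uri.href(),
      );
      injectScript(
        tab.id,
        { code: probeCode, runAt: "document_start" },
        uri.href(),
      );
    }
  });

  const tabTimers: { [n: number]: number[] } = {};

  chrome.tabs.onRemoved.addListener((tabId, changeInfo) => {
    const pending = tabTimers[tabId] || [];
    for (const t of pending) {
      chrome.extension.getBackgroundPage()!.clearTimeout(t);
    }
    // Drop the entry so the map does not grow with every closed tab.
    delete tabTimers[tabId];
  });

  chrome.tabs.onUpdated.addListener((tabId, changeInfo) => {
    if (changeInfo.status !== "complete") {
      return;
    }
    const timers: number[] = [];

    const addRun = (dt: number) => {
      const id = chrome.extension.getBackgroundPage()!.setTimeout(run, dt);
      timers.push(id);
    };

    const run = () => {
      timers.shift();
      chrome.tabs.get(tabId, tab => {
        if (chrome.runtime.lastError) {
          return;
        }
        if (!tab.url || !tab.id) {
          return;
        }
        const uri = new URI(tab.url);
        if (!(uri.protocol() === "http" || uri.protocol() === "https")) {
          return;
        }
        injectScript(
          tab.id!,
          { code: probeCode, runAt: "document_start" },
          uri.href(),
        );
      });
    };

    // Probe repeatedly with growing delays after the tab finished loading.
    for (const delay of [0, 50, 300, 1000, 2000, 4000, 8000, 16000]) {
      addRun(delay);
    }
    tabTimers[tabId] = timers;
  });

  chrome.extension.getBackgroundPage()!.setInterval(clearRateLimitCache, 5000);

  reinitWallet();

  // Handlers for messages coming directly from the content
  // script on the page
  chrome.runtime.onMessage.addListener((req, sender, sendResponse) => {
    dispatch(req, sender, sendResponse);
    // Keep the response channel open for the asynchronous reply.
    return true;
  });

  // Clear notifications both when the popup opens
  // and when it closes.
  chrome.runtime.onConnect.addListener(port => {
    if (port.name === "popup") {
      if (currentWallet) {
        currentWallet.clearNotification();
      }
      port.onDisconnect.addListener(() => {
        if (currentWallet) {
          currentWallet.clearNotification();
        }
      });
    }
  });

  // taler:// actions that redirect to a wallet page, in the order they are
  // tested. `page` values are fixed file names; only the URI itself comes
  // from the response.
  const redirectTargets = [
    {
      prefix: "taler://withdraw/",
      page: "withdraw.html",
      param: "talerWithdrawUri",
    },
    { prefix: "taler://pay/", page: "pay.html", param: "talerPayUri" },
    { prefix: "taler://tip/", page: "tip.html", param: "talerTipUri" },
    {
      prefix: "taler://refund/",
      page: "refund.html",
      param: "talerRefundUri",
    },
  ];

  // Handlers for catching HTTP requests
  chrome.webRequest.onHeadersReceived.addListener(
    details => {
      const wallet = currentWallet;
      if (!wallet) {
        console.warn("wallet not available while handling header");
      }
      if (details.statusCode === 402) {
        console.log(`got 402 from ${details.url}`);
        for (const header of details.responseHeaders || []) {
          if (header.name.toLowerCase() !== "taler") {
            continue;
          }
          // Only the first Taler header is considered.
          const talerUri = header.value || "";
          if (!talerUri.startsWith("taler://")) {
            console.warn(
              "Response with HTTP 402 has Taler header, but header value is not a taler:// URI.",
            );
            break;
          }
          const target = redirectTargets.find(t =>
            talerUri.startsWith(t.prefix),
          );
          if (target) {
            return makeSyncWalletRedirect(
              target.page,
              details.tabId,
              details.url,
              { [target.param]: talerUri },
            );
          }
          console.warn("Unknown action in taler:// URI, ignoring.");
          break;
        }
      }
      return {};
    },
    // An empty string is not a valid match pattern. The listener has to see
    // 402 responses from any site, which is what "<all_urls>" selects.
    { urls: ["<all_urls>"] },
    ["responseHeaders", "blocking"],
  );
}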