Skip to content

Commit 0777d32

Browse files
committed
daemon: Send activation token to UI
1 parent 62d8c75 commit 0777d32

4 files changed

Lines changed: 71 additions & 24 deletions

File tree

credentialsd-common/src/model.rs

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,9 @@ pub enum Operation {
4646

4747
#[derive(Clone, Debug, PartialEq, Serialize, Deserialize, Type)]
4848
pub struct PortalBackendOptions {
49+
/// A token that can be used to activate the UI window.
50+
pub activation_token: Optional<String>,
51+
4952
/// Top-level origin of the request if different from the origin.
5053
pub top_origin: Optional<String>,
5154

credentialsd/src/dbus/flow_control.rs

Lines changed: 40 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -25,27 +25,44 @@ use crate::{
2525
dbus::ui_control::UiController,
2626
model::{CredentialRequest, CredentialResponse},
2727
};
28+
pub struct UiRequestContext {
29+
request: CredentialRequest,
30+
app: RequestingApplication,
31+
/// Client window handle
32+
window_handle: Option<WindowHandle>,
33+
activation_token: Option<String>,
34+
response_channel: oneshot::Sender<Result<CredentialResponse, CredentialServiceError>>,
35+
}
2836

2937
pub async fn start_flow_control_service<M: ManageDevice + Debug + Send + Sync + 'static>(
3038
conn: Connection,
31-
mut listener: Receiver<(
32-
CredentialRequest,
33-
RequestingApplication,
34-
Option<WindowHandle>, // Client window handle
35-
oneshot::Sender<Result<CredentialResponse, CredentialServiceError>>,
36-
)>,
39+
mut listener: Receiver<UiRequestContext>,
3740
device_manager: M,
3841
) -> zbus::Result<AbortHandle> {
3942
let svc = Arc::new(AsyncMutex::new(device_manager));
4043
let svc2 = svc.clone();
4144

4245
let task = tokio::spawn(async move {
43-
while let Some((msg, requesting_app, window_handle, tx)) = listener.recv().await {
46+
while let Some(ui_request_ctx) = listener.recv().await {
4447
let svc = svc2.clone();
4548
let ui_control_client = UiControlServiceClient::new(conn.clone());
46-
if let Err(_) =
47-
tx.send(handle(svc, ui_control_client, msg, requesting_app, window_handle).await)
48-
{
49+
let UiRequestContext {
50+
request,
51+
app,
52+
window_handle,
53+
activation_token,
54+
response_channel,
55+
} = ui_request_ctx;
56+
let response = handle(
57+
svc,
58+
ui_control_client,
59+
request,
60+
app,
61+
window_handle,
62+
activation_token,
63+
)
64+
.await;
65+
if let Err(_) = response_channel.send(response) {
4966
tracing::error!(
5067
"Received response to credential request, but failed to forward it to gateway"
5168
);
@@ -61,6 +78,7 @@ async fn handle<M: ManageDevice + Debug + Send + Sync + 'static, UC: UiControlle
6178
msg: CredentialRequest,
6279
requesting_app: RequestingApplication,
6380
window_handle: Option<WindowHandle>,
81+
activation_token: Option<String>,
6482
) -> Result<CredentialResponse, CredentialServiceError> {
6583
let (request_tx, request_rx) = oneshot::channel();
6684
let request_id = svc.lock().await.init_request(&msg, request_tx).await?;
@@ -112,6 +130,7 @@ async fn handle<M: ManageDevice + Debug + Send + Sync + 'static, UC: UiControlle
112130
// TODO: Make path and app ID separate.
113131
path_or_app_id,
114132
PortalBackendOptions {
133+
activation_token: activation_token.into(),
115134
top_origin: top_origin.into(),
116135
rp_id: Some(rp_id).into(),
117136
},
@@ -235,29 +254,32 @@ pub trait CredentialRequestController {
235254
requesting_app: RequestingApplication,
236255
request: CredentialRequest,
237256
window_handle: Option<WindowHandle>,
257+
activation_token: Option<String>,
238258
) -> Result<CredentialResponse, WebAuthnError>;
239259
}
240260

241261
pub struct CredentialRequestControllerClient {
242-
pub initiator: Sender<(
243-
CredentialRequest,
244-
RequestingApplication, // Application name sending the request
245-
Option<WindowHandle>, // Client window handle,
246-
oneshot::Sender<Result<CredentialResponse, CredentialServiceError>>,
247-
)>,
262+
pub initiator: Sender<UiRequestContext>,
248263
}
249264

250265
#[async_trait]
251266
impl CredentialRequestController for CredentialRequestControllerClient {
252267
async fn request_credential(
253268
&self,
254-
requesting_app: RequestingApplication,
269+
app: RequestingApplication,
255270
request: CredentialRequest,
256271
window_handle: Option<WindowHandle>,
272+
activation_token: Option<String>,
257273
) -> Result<CredentialResponse, WebAuthnError> {
258274
let (tx, rx) = oneshot::channel();
259275
self.initiator
260-
.send((request, requesting_app, window_handle, tx))
276+
.send(UiRequestContext {
277+
request,
278+
app,
279+
window_handle,
280+
activation_token,
281+
response_channel: tx,
282+
})
261283
.await
262284
.unwrap();
263285
let response = rx.await.map_err(|_| {

credentialsd/src/gateway/dbus.rs

Lines changed: 14 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -69,7 +69,7 @@ impl CredentialPortalGateway {
6969
claimed_app_display_name: Optional<String>,
7070
) -> PortalResult<CreateCredentialResponse, Error> {
7171
let CreateCredentialPortalOptions {
72-
activation_token: _,
72+
activation_token,
7373
top_origin,
7474
public_key,
7575
} = options;
@@ -114,7 +114,12 @@ impl CredentialPortalGateway {
114114
.gateway_service
115115
.lock()
116116
.await
117-
.handle_create_credential(request, context, parent_window.into())
117+
.handle_create_credential(
118+
request,
119+
context,
120+
parent_window.into(),
121+
activation_token.into(),
122+
)
118123
.await
119124
.map_err(Error::from);
120125

@@ -133,7 +138,7 @@ impl CredentialPortalGateway {
133138
claimed_app_display_name: Optional<String>,
134139
) -> PortalResult<GetCredentialResponse, Error> {
135140
let GetCredentialPortalOptions {
136-
activation_token: _,
141+
activation_token,
137142
top_origin,
138143
public_key,
139144
} = options;
@@ -174,7 +179,12 @@ impl CredentialPortalGateway {
174179
.gateway_service
175180
.lock()
176181
.await
177-
.handle_get_credential(request, context, parent_window.into())
182+
.handle_get_credential(
183+
request,
184+
context,
185+
parent_window.into(),
186+
activation_token.into(),
187+
)
178188
.await
179189
.map_err(Error::from);
180190
response.into()

credentialsd/src/gateway/mod.rs

Lines changed: 14 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -84,6 +84,7 @@ impl GatewayService {
8484
request: CreateCredentialRequest,
8585
context: RequestContext,
8686
parent_window: Option<WindowHandle>,
87+
activation_token: Option<String>,
8788
) -> Result<CreateCredentialResponse, WebAuthnError> {
8889
let request_environment = validate_request(&context)?;
8990

@@ -110,7 +111,12 @@ impl GatewayService {
110111

111112
let response = self
112113
.request_controller
113-
.request_credential(context.into(), cred_request, parent_window)
114+
.request_credential(
115+
context.into(),
116+
cred_request,
117+
parent_window,
118+
activation_token,
119+
)
114120
.await?;
115121

116122
if let CredentialResponse::CreatePublicKeyCredentialResponse(cred_response) = response {
@@ -142,6 +148,7 @@ impl GatewayService {
142148
request: GetCredentialRequest,
143149
context: RequestContext,
144150
parent_window: Option<WindowHandle>,
151+
activation_token: Option<String>,
145152
) -> Result<GetCredentialResponse, WebAuthnError> {
146153
let request_environment = validate_request(&context)?;
147154

@@ -166,7 +173,12 @@ impl GatewayService {
166173

167174
let response = self
168175
.request_controller
169-
.request_credential(context.into(), cred_request, parent_window)
176+
.request_credential(
177+
context.into(),
178+
cred_request,
179+
parent_window,
180+
activation_token,
181+
)
170182
.await?;
171183

172184
if let CredentialResponse::GetPublicKeyCredentialResponse(cred_response) = response {

0 commit comments

Comments
 (0)