Bug 970606 - Add username to setIdentityProvider. r=jib

2024-09-13 09:24:08 -07:00 · 2014-03-14 11:25:33 -07:00 · 2014-03-14 11:25:33 -07:00 · 3108d96efa
commit 3108d96efa
parent b82c67b50d
3 changed files with 74 additions and 29 deletions
--- a/dom/media/PeerConnectionIdp.jsm
+++ b/dom/media/PeerConnectionIdp.jsm
@ -41,7 +41,8 @@ PeerConnectionIdp.prototype = {
  setIdentityProvider: function(
      provider, protocol, username) {
    this.provider = provider;
-    this._idpchannel = new IdpProxy(provider, protocol, username);
+    this.username = username;
+    this._idpchannel = new IdpProxy(provider, protocol);
  },

  close: function() {
@ -216,7 +217,11 @@ PeerConnectionIdp.prototype = {
      }
    }

-    this._sendToIdp("VERIFY", assertion, onVerification.bind(this));
+    let request = {
+      type: "VERIFY",
+      message: assertion
+    };
+    this._sendToIdp(request, onVerification.bind(this));
  },

  /**
@ -238,14 +243,7 @@ PeerConnectionIdp.prototype = {
    }

    function onAssertion(assertion) {
-      if (!assertion) {
-        this._warning("RTC identity: assertion generation failure", null, 0);
-        callback(sdp);
-        return;
-      }
-
-      this.assertion = btoa(JSON.stringify(assertion));
-      callback(this.wrapSdp(sdp), this.assertion);
+      callback(this.wrapSdp(sdp), assertion);
    }

    this._getIdentityAssertion(fingerprint, onAssertion.bind(this));
@ -266,8 +264,7 @@ PeerConnectionIdp.prototype = {
      sdp.substring(match.index);
  },

-  getIdentityAssertion: function(
-      fingerprint, callback) {
+  getIdentityAssertion: function(fingerprint, callback) {
    if (!this._idpchannel) {
      throw new Error("IdP not set");
    }
@ -275,8 +272,7 @@ PeerConnectionIdp.prototype = {
    this._getIdentityAssertion(fingerprint, callback);
  },

-  _getIdentityAssertion: function(
-      fingerprint, callback) {
+  _getIdentityAssertion: function(fingerprint, callback) {
    let [algorithm, digest] = fingerprint.split(" ");
    let message = {
      fingerprint: {
@ -284,23 +280,36 @@ PeerConnectionIdp.prototype = {
        digest: digest
      }
    };
-    this._sendToIdp("SIGN", JSON.stringify(message), callback);
+    let request = {
+      type: "SIGN",
+      message: JSON.stringify(message),
+      username: this.username
+    };
+
+    // catch the assertion, clean it up, warn if absent
+    function trapAssertion(assertion) {
+      if (!assertion) {
+        this._warning("RTC identity: assertion generation failure", null, 0);
+        this.assertion = null;
+      } else {
+        this.assertion = btoa(JSON.stringify(assertion));
+      }
+      callback(this.assertion);
+    }
+
+    this._sendToIdp(request, trapAssertion.bind(this));
  },

  /**
   * Packages a message and sends it to the IdP.
   */
-  _sendToIdp: function(type, message, callback) {
+  _sendToIdp: function(request, callback) {
    // this is not secure
    // but there are no good alternatives until bug 968335 lands
    // when that happens, change this to use the new mechanism
-    let origin = this._win.document.nodePrincipal.origin;
+    request.origin = this._win.document.nodePrincipal.origin;

-    this._idpchannel.send({
-      type: type,
-      message: message,
-      origin: origin
-    }, this._wrapCallback(callback));
+    this._idpchannel.send(request, this._wrapCallback(callback));
  },

  /**
--- a/dom/media/tests/identity/idp-proxy.js
+++ b/dom/media/tests/identity/idp-proxy.js
@ -3,6 +3,7 @@

  function IDPJS() {
    this.domain = window.location.host;
+    this.username = "someone@" + this.domain;
    // so rather than create a million different IdP configurations and litter
    // the world with files all containing near-identical code, let's use the
    // hash/URL fragment as a way of generating instructions for the IdP
@ -55,6 +56,14 @@
    var message = ev.data;
    switch (message.type) {
    case "SIGN":
+      if (message.username) {
+        var at = message.username.indexOf("@");
+        if (at < 0) {
+          this.username = message.username + "@" + this.domain;
+        } else if (message.username.substring(at + 1) === this.domain) {
+          this.username = message.username;
+        }
+      }
      this.sendResponse({
        type : "SUCCESS",
        id : message.id,
@ -64,28 +73,31 @@
            protocol : "idp.html"
          },
          assertion : JSON.stringify({
-            identity : "someone@" + this.domain,
+            username : this.username,
            contents : message.message
          })
        }
      });
      break;
+
    case "VERIFY":
+      var payload = JSON.parse(message.message);
      this.sendResponse({
        type : "SUCCESS",
        id : message.id,
        message : {
          identity : {
-            name : "someone@" + this.domain,
-            displayname : "Someone"
+            name : payload.username
          },
-          contents : JSON.parse(message.message).contents
+          contents : payload.contents
        }
      });
      break;
+
    default:
      this.sendResponse({
        type : "ERROR",
+        id : message.id,
        error : JSON.stringify(message)
      });
      break;
--- a/dom/media/tests/identity/test_getIdentityAssertion.html
+++ b/dom/media/tests/identity/test_getIdentityAssertion.html
@ -14,6 +14,14 @@
    title: "getIdentityAssertion Tests"
  });

+function checkIdentity(assertion, identity) {
+  // here we dig into the payload, which means we need to know something
+  // about how the IdP actually works (not good in general, but OK here)
+  var assertion = JSON.parse(atob(assertion)).assertion;
+  var user = JSON.parse(assertion).username;
+  is(user, identity, "id should be '" + identity + "' is '" + user + "'");
+}
+
 var test;
 function theTest() {
  test = new PeerConnectionTest();
@ -32,13 +40,15 @@ function theTest() {
    "GET_IDENTITY_ASSERTION_FIRES_EVENTUALLY_AND_SUBSEQUENTLY",
    function(test) {
      var fired = 0;
-      test.setIdentityProvider(test.pcLocal, 'example.com', 'idp.html', 'nobody');
-      test.pcLocal._pc.onidentityresult = function() {
+      test.setIdentityProvider(test.pcLocal, 'example.com', 'idp.html');
+      test.pcLocal._pc.onidentityresult = function(e) {
        fired++;
        if (fired == 1) {
          ok(true, "identityresult fired");
+          checkIdentity(e.assertion, 'someone@example.com');
        } else if (fired == 2) {
          ok(true, "identityresult fired 2x");
+          checkIdentity(e.assertion, 'someone@example.com');
          test.next();
        }
      };
@ -51,7 +61,7 @@ function theTest() {
    function(test) {
      test.setIdentityProvider(test.pcLocal, 'example.com', 'idp.html#error');
      test.pcLocal._pc.onidentityresult = function(e) {
-       ok(false, "Should not get an identity result");
+        ok(false, "Should not get an identity result");
        test.next();
      };
      test.pcLocal._pc.getIdentityAssertion(function(err) {
@ -73,6 +83,20 @@ function theTest() {
        test.next();
      });
    }
+  ],
+  [
+    "GET_IDENTITY_ASSERTION_WITH_SPECIFIC_NAME",
+    function(test) {
+      test.setIdentityProvider(test.pcLocal, 'example.com', 'idp.html', 'user@example.com');
+      test.pcLocal._pc.onidentityresult = function(e) {
+        checkIdentity(e.assertion, 'user@example.com');
+        test.next();
+      };
+      test.pcLocal._pc.getIdentityAssertion(function(err) {
+        ok(false, "Got error callback from getIdentityAssertion");
+        test.next();
+      });
+    }
  ]
  ]);
  test.run();