From 1ad0bc547ac47baa02702bda4e54c3ad37a4c3de Mon Sep 17 00:00:00 2001
From: Andreas Coroiu <andreas.coroiu@gmail.com>
Date: Fri, 27 Jan 2023 17:02:11 +0100
Subject: [PATCH] [EC-598] feat: add abort controller all the way to service

---
 .../src/background/runtime.background.ts       | 18 ++++++++++++++++--
 .../src/content/webauthn/content-script.ts     | 15 +++++++++++++--
 .../webauthn/messaging/messenger.spec.ts       |  2 +-
 .../content/webauthn/messaging/messenger.ts    |  4 ++--
 .../fido2/fido2.service.abstraction.ts         | 10 ++++++++--
 .../common/src/services/fido2/fido2.service.ts |  3 ++-
 6 files changed, 42 insertions(+), 10 deletions(-)

diff --git a/apps/browser/src/background/runtime.background.ts b/apps/browser/src/background/runtime.background.ts
index 1fe1fcd55ee..7194d976e71 100644
--- a/apps/browser/src/background/runtime.background.ts
+++ b/apps/browser/src/background/runtime.background.ts
@@ -18,6 +18,7 @@ export default class RuntimeBackground {
   private pageDetailsToAutoFill: any[] = [];
   private onInstalledReason: string = null;
   private lockedVaultPendingNotifications: LockedVaultPendingNotificationsItem[] = [];
+  private abortControllers = new Map<string, AbortController>();
 
   constructor(
     private main: MainBackground,
@@ -218,10 +219,17 @@ export default class RuntimeBackground {
       case "getClickedElementResponse":
         this.platformUtilsService.copyToClipboard(msg.identifier, { window: window });
         break;
+      case "fido2AbortRequest":
+        this.abortControllers.get(msg.abortedRequestId)?.abort();
+        break;
       case "fido2RegisterCredentialRequest":
-        return await this.main.fido2Service.createCredential(msg.data);
+        return await this.main.fido2Service
+          .createCredential(msg.data, this.createAbortController(msg.requestId))
+          .finally(() => this.abortControllers.delete(msg.requestId));
       case "fido2GetCredentialRequest":
-        return await this.main.fido2Service.assertCredential(msg.data);
+        return await this.main.fido2Service
+          .assertCredential(msg.data, this.createAbortController(msg.requestId))
+          .finally(() => this.abortControllers.delete(msg.requestId));
     }
     return undefined;
   }
@@ -258,4 +266,10 @@ export default class RuntimeBackground {
       }
     }, 100);
   }
+
+  private createAbortController(id: string): AbortController {
+    const abortController = new AbortController();
+    this.abortControllers.set(id, abortController);
+    return abortController;
+  }
 }
diff --git a/apps/browser/src/content/webauthn/content-script.ts b/apps/browser/src/content/webauthn/content-script.ts
index 4c59914762e..1e19fce9951 100644
--- a/apps/browser/src/content/webauthn/content-script.ts
+++ b/apps/browser/src/content/webauthn/content-script.ts
@@ -1,4 +1,4 @@
-import { MessageType } from "./messaging/message";
+import { Message, MessageType } from "./messaging/message";
 import { Messenger } from "./messaging/messenger";
 
 const s = document.createElement("script");
@@ -8,12 +8,20 @@ s.src = chrome.runtime.getURL("content/webauthn/page-script.js");
 const messenger = Messenger.forDOMCommunication(window);
 
 messenger.handler = async (message, abortController) => {
+  const abortHandler = () =>
+    chrome.runtime.sendMessage({
+      command: "fido2AbortRequest",
+      abortedRequestId: message.metadata.requestId,
+    });
+  abortController.signal.addEventListener("abort", abortHandler);
+
   if (message.type === MessageType.CredentialCreationRequest) {
     return new Promise((resolve, reject) => {
       chrome.runtime.sendMessage(
         {
           command: "fido2RegisterCredentialRequest",
           data: message.data,
+          requestId: message.metadata.requestId,
         },
         (response) => {
           if (response.error !== undefined) {
@@ -35,6 +43,7 @@ messenger.handler = async (message, abortController) => {
         {
           command: "fido2GetCredentialRequest",
           data: message.data,
+          requestId: message.metadata.requestId,
         },
         (response) => {
           if (response.error !== undefined) {
@@ -47,7 +56,9 @@ messenger.handler = async (message, abortController) => {
           });
         }
       );
-    });
+    }).finally(() =>
+      abortController.signal.removeEventListener("abort", abortHandler)
+    ) as Promise<Message>;
   }
 
   return undefined;
diff --git a/apps/browser/src/content/webauthn/messaging/messenger.spec.ts b/apps/browser/src/content/webauthn/messaging/messenger.spec.ts
index f9a5b92a875..b7db072d4cb 100644
--- a/apps/browser/src/content/webauthn/messaging/messenger.spec.ts
+++ b/apps/browser/src/content/webauthn/messaging/messenger.spec.ts
@@ -66,7 +66,7 @@ describe("Messenger", () => {
   });
 });
 
-type TestMessage = Message & { testId: string };
+type TestMessage = MessageWithMetadata & { testId: string };
 
 function createRequest(): TestMessage {
   return { testId: Utils.newGuid(), type: "TestRequest" } as any;
diff --git a/apps/browser/src/content/webauthn/messaging/messenger.ts b/apps/browser/src/content/webauthn/messaging/messenger.ts
index aa09b676bcd..ccf75a94986 100644
--- a/apps/browser/src/content/webauthn/messaging/messenger.ts
+++ b/apps/browser/src/content/webauthn/messaging/messenger.ts
@@ -12,7 +12,7 @@ export type Channel = {
 export type Metadata = { requestId: string };
 export type MessageWithMetadata = Message & { metadata: Metadata };
 type Handler = (
-  message: Message,
+  message: MessageWithMetadata,
   abortController?: AbortController
 ) => Promise<Message | undefined>;
 
@@ -37,7 +37,7 @@ export class Messenger {
   }
 
   handler?: Handler;
-  abortControllers = new Map<string, AbortController>();
+  private abortControllers = new Map<string, AbortController>();
 
   constructor(private channel: Channel) {
     this.channel.messages$
diff --git a/libs/common/src/abstractions/fido2/fido2.service.abstraction.ts b/libs/common/src/abstractions/fido2/fido2.service.abstraction.ts
index 6677330d709..da6b75a8415 100644
--- a/libs/common/src/abstractions/fido2/fido2.service.abstraction.ts
+++ b/libs/common/src/abstractions/fido2/fido2.service.abstraction.ts
@@ -85,6 +85,12 @@ export class OriginMismatchError extends Fido2Error {
 }
 
 export abstract class Fido2Service {
-  createCredential: (params: CredentialRegistrationParams) => Promise<CredentialRegistrationResult>;
-  assertCredential: (params: CredentialAssertParams) => Promise<CredentialAssertResult>;
+  createCredential: (
+    params: CredentialRegistrationParams,
+    abortController?: AbortController
+  ) => Promise<CredentialRegistrationResult>;
+  assertCredential: (
+    params: CredentialAssertParams,
+    abortController?: AbortController
+  ) => Promise<CredentialAssertResult>;
 }
diff --git a/libs/common/src/services/fido2/fido2.service.ts b/libs/common/src/services/fido2/fido2.service.ts
index 60efe2c6a8a..756fde1ef02 100644
--- a/libs/common/src/services/fido2/fido2.service.ts
+++ b/libs/common/src/services/fido2/fido2.service.ts
@@ -45,7 +45,8 @@ export class Fido2Service implements Fido2ServiceAbstraction {
   ) {}
 
   async createCredential(
-    params: CredentialRegistrationParams
+    params: CredentialRegistrationParams,
+    abortController?: AbortController
   ): Promise<CredentialRegistrationResult> {
     const presence = await this.fido2UserInterfaceService.confirmNewCredential({
       credentialName: params.rp.name,