From 1ca9d73f10afacb8e591225479f04e7f7a1cbabf Mon Sep 17 00:00:00 2001
From: Andreas Coroiu
Date: Fri, 16 Dec 2022 10:13:52 +0100
Subject: [PATCH] [EC-598] feat: confirm new credentials
---
 .../browser/src/background/main.background.ts | 10 ------
 apps/browser/src/popup/app.module.ts | 2 ++
 .../src/popup/fido2/fido2.component.html | 12 +++++--
 .../src/popup/fido2/fido2.component.ts | 24 +++++++++++---
 apps/browser/src/popup/fido2/fido2.module.ts | 11 +++++++
 .../browser-fido2-user-interface.service.ts | 31 +++++++++++++++++++
 ...ido2-user-interface.service.abstraction.ts | 1 +
 .../src/services/fido2/fido2.service.ts | 2 +-
 .../noop-fido2-user-interface.service.ts | 4 +++
 9 files changed, 79 insertions(+), 18 deletions(-)
 create mode 100644 apps/browser/src/popup/fido2/fido2.module.ts
diff --git a/apps/browser/src/background/main.background.ts b/apps/browser/src/background/main.background.ts
index 5bb52511dcf..0fb48425f36 100644
--- a/apps/browser/src/background/main.background.ts
+++ b/apps/browser/src/background/main.background.ts
@@ -119,16 +119,6 @@ import RuntimeBackground from "./runtime.background";
 import TabsBackground from "./tabs.background";
 import WebRequestBackground from "./webRequest.background";
-export class Fido2UserInterfaceService implements Fido2UserInterfaceServiceAbstraction {
- async verifyUser(): Promise {
- return false;
- }
-
- async verifyPresence(): Promise {
- return false;
- }
-}
-
 export default class MainBackground {
 messagingService: MessagingServiceAbstraction;
 storageService: AbstractStorageService;
diff --git a/apps/browser/src/popup/app.module.ts b/apps/browser/src/popup/app.module.ts
index 473ffb33a98..54443365d1b 100644
--- a/apps/browser/src/popup/app.module.ts
+++ b/apps/browser/src/popup/app.module.ts
@@ -87,6 +87,7 @@ import { PrivateModeWarningComponent } from "./components/private-mode-warning.c
 import { SendListComponent } from "./components/send-list.component";
 import { SetPinComponent } from "./components/set-pin.component";
 import { UserVerificationComponent } from "./components/user-verification.component";
+import { Fido2Module } from "./fido2/fido2.module";
 import { GeneratorComponent } from "./generator/generator.component";
 import { PasswordGeneratorHistoryComponent } from "./generator/password-generator-history.component";
 import { EffluxDatesComponent as SendEffluxDatesComponent } from "./send/efflux-dates.component";
@@ -192,6 +193,7 @@ registerLocaleData(localeZhTw, "zh-TW");
 ReactiveFormsModule,
 ScrollingModule,
 ServicesModule,
+ Fido2Module,
 ],
 declarations: [
 ActionButtonsComponent,
diff --git a/apps/browser/src/popup/fido2/fido2.component.html b/apps/browser/src/popup/fido2/fido2.component.html
index bf223f05664..b7c0068b2df 100644
--- a/apps/browser/src/popup/fido2/fido2.component.html
+++ b/apps/browser/src/popup/fido2/fido2.component.html
@@ -1,5 +1,13 @@
- A site is asking for authentication - + + A site is asking for authentication + + + A site wants to create a new passkey in your vault + +
diff --git a/apps/browser/src/popup/fido2/fido2.component.ts b/apps/browser/src/popup/fido2/fido2.component.ts
index dc460680f29..d59806fed9c 100644
--- a/apps/browser/src/popup/fido2/fido2.component.ts
+++ b/apps/browser/src/popup/fido2/fido2.component.ts
@@ -18,12 +18,26 @@ export class Fido2Component {
 return this.activatedRoute.snapshot.queryParams as BrowserFido2Message;
 }
- async verify() {
+ async accept() {
 const data = this.data;
- BrowserFido2UserInterfaceService.sendMessage({
- requestId: data.requestId,
- type: "VerifyUserResponse",
- });
+
+ if (data.type === "VerifyUserRequest") {
+ BrowserFido2UserInterfaceService.sendMessage({
+ requestId: data.requestId,
+ type: "VerifyUserResponse",
+ });
+ } else if (data.type === "ConfirmNewCredentialRequest") {
+ BrowserFido2UserInterfaceService.sendMessage({
+ requestId: data.requestId,
+ type: "ConfirmNewCredentialResponse",
+ });
+ } else {
+ BrowserFido2UserInterfaceService.sendMessage({
+ requestId: data.requestId,
+ type: "RequestCancelled",
+ });
+ }
+
 window.close();
 }
diff --git a/apps/browser/src/popup/fido2/fido2.module.ts b/apps/browser/src/popup/fido2/fido2.module.ts
new file mode 100644
index 00000000000..d052dcb0987
--- /dev/null
+++ b/apps/browser/src/popup/fido2/fido2.module.ts
@@ -0,0 +1,11 @@
+import { CommonModule } from "@angular/common";
+import { NgModule } from "@angular/core";
+
+import { Fido2Component } from "./fido2.component";
+
+@NgModule({
+ imports: [CommonModule],
+ declarations: [Fido2Component],
+ exports: [Fido2Component],
+})
+export class Fido2Module {}
diff --git a/apps/browser/src/services/fido2/browser-fido2-user-interface.service.ts b/apps/browser/src/services/fido2/browser-fido2-user-interface.service.ts
index 057a0e28e7b..cf4c1d70278 100644
--- a/apps/browser/src/services/fido2/browser-fido2-user-interface.service.ts
+++ b/apps/browser/src/services/fido2/browser-fido2-user-interface.service.ts
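Review bot: `accept()` acts on `this.data`, which the context line above it shows to be `queryParams as BrowserFido2Message`, so `type` and `requestId` are whatever the popup URL carries and the cast performs no runtime check. A missing or repeated `requestId` parameter would be forwarded unchanged in the response message. A guard at the top of the handler, such as `if (typeof data.requestId !== "string") { window.close(); return; }`, keeps a malformed URL from producing a response at all. The `data` getter starts outside the hunk, and no decline handler is visible here, so how a refusal is reported cannot be judged from these lines.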
@@ -15,6 +15,12 @@ export type BrowserFido2Message = { requestId: string } & (
 | {
 type: "VerifyUserResponse";
 }
+ | {
+ type: "ConfirmNewCredentialRequest";
+ }
+ | {
+ type: "ConfirmNewCredentialResponse";
+ }
 | {
 type: "RequestCancelled";
 }
@@ -65,6 +71,31 @@ export class BrowserFido2UserInterfaceService implements Fido2UserInterfaceServi
 return false;
 }
+ async confirmNewCredential(): Promise {
+ const requestId = Utils.newGuid();
+ const data: BrowserFido2Message = { type: "ConfirmNewCredentialRequest", requestId };
+ const queryParams = new URLSearchParams(data).toString();
+ this.popupUtilsService.popOut(
+ null,
+ `popup/index.html?uilocation=popout#/fido2?${queryParams}`,
+ { center: true }
+ );
+
+ const response = await lastValueFrom(
+ this.messages$.pipe(
+ filter((msg) => msg.requestId === requestId),
+ first(),
+ takeUntil(this.destroy$)
+ )
+ );
+
+ if (response.type === "ConfirmNewCredentialResponse") {
+ return true;
+ }
+
+ return false;
+ }
+
 private processMessage(msg: BrowserFido2Message) {
 this.messages$.next(msg);
 }
diff --git a/libs/common/src/abstractions/fido2/fido2-user-interface.service.abstraction.ts b/libs/common/src/abstractions/fido2/fido2-user-interface.service.abstraction.ts
index b49c565e470..6dfed28d5f0 100644
--- a/libs/common/src/abstractions/fido2/fido2-user-interface.service.abstraction.ts
+++ b/libs/common/src/abstractions/fido2/fido2-user-interface.service.abstraction.ts
@@ -1,4 +1,5 @@
 export abstract class Fido2UserInterfaceService {
 verifyUser: () => Promise;
 verifyPresence: () => Promise;
+ confirmNewCredential: () => Promise;
 }
diff --git a/libs/common/src/services/fido2/fido2.service.ts b/libs/common/src/services/fido2/fido2.service.ts
index 1eae23f6bf5..02c04361828 100644
--- a/libs/common/src/services/fido2/fido2.service.ts
+++ b/libs/common/src/services/fido2/fido2.service.ts
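Review bot: The wait in `confirmNewCredential()` does not handle the case where no response ever arrives. If `destroy$` fires first, `takeUntil` completes the stream without a value and `lastValueFrom` rejects with an `EmptyError` instead of returning `false`; if the pop-out is closed without a message being sent, the promise appears never to settle. Passing `{ defaultValue: { type: "RequestCancelled", requestId } }` as the second argument of `lastValueFrom` makes the teardown path resolve to a refusal, and a window-close or timeout signal would cover the second case unless that is already handled outside this hunk. The filter matches on `requestId` alone, so it is worth confirming that whatever feeds `messages$` only accepts messages from the extension's own pages.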
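Review bot: `confirmNewCredential` is declared without parameters, so no implementation can tell the user which site or account the new credential is for. The matching prompt in fido2.component.html reads only "A site wants to create a new passkey in your vault", and `BrowserFido2Message` carries just `requestId` and `type`. A consent prompt that does not name the relying party gives the user nothing to check the request against. Consider passing the registration details through, for instance `confirmNewCredential: (params: CredentialRegistrationParams) => Promise<boolean>;`, and rendering the site identity in the popup.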
@@ -8,7 +8,7 @@ export class Fido2Service implements Fido2ServiceAbstraction {
 constructor(private fido2UserInterfaceService: Fido2UserInterfaceService) {}
 async createCredential(params: CredentialRegistrationParams): Promise {
- await this.fido2UserInterfaceService.verifyPresence();
+ await this.fido2UserInterfaceService.confirmNewCredential();
 // eslint-disable-next-line no-console
 console.log("Fido2Service.registerCredential", params);
 return "createCredential response";
diff --git a/libs/common/src/services/fido2/noop-fido2-user-interface.service.ts b/libs/common/src/services/fido2/noop-fido2-user-interface.service.ts
index ddd1c4e21d0..1db8934e7f0 100644
--- a/libs/common/src/services/fido2/noop-fido2-user-interface.service.ts
+++ b/libs/common/src/services/fido2/noop-fido2-user-interface.service.ts
@@ -8,4 +8,8 @@ export class Fido2UserInterfaceService implements Fido2UserInterfaceServiceAbstr
 async verifyPresence(): Promise {
 return false;
 }
+
+ async confirmNewCredential(): Promise {
+ return false;
+ }
 }
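Review bot: The boolean returned by `confirmNewCredential()` is discarded in `createCredential`, so a declined or cancelled prompt, and the no-op service that always returns `false`, does not stop the method from carrying on to the registration step. The result should gate what follows, for example `if (!(await this.fido2UserInterfaceService.confirmNewCredential())) { throw new Error("credential creation was not confirmed"); }`, with the error type left to the author since the body is still a stub. The context line `console.log("Fido2Service.registerCredential", params);` also writes the full registration parameters to the console, which should go before this path handles real requests. The closing brace of `createCredential` lies outside the hunk.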