Improve login flow resilience against extensions (#284)

* Add retrying to retrieving login secrets

* Bump version, changelog

* Detect malformed data earlier

* Don't put errors in the console if these are warnings

CHANGELOG.md

@@ -1,10 +1,9 @@
 # Changelog
 
-
 ### v0.28.0
 
-Added the `fs.addPublicExchangeKey()` function which adds the public exchange key of that domain/browser/device to your filesystem at `/public/.well-known/exchange/DID_KEY`. Along with the `fs.hasPublicExchangeKey()` to check if it's there.
-
+- Added the `fs.addPublicExchangeKey()` function which adds the public exchange key of that domain/browser/device to your filesystem at `/public/.well-known/exchange/DID_KEY`. Along with the `fs.hasPublicExchangeKey()` to check if it's there.
+- Made the login low more resilient. Should work better with extensions triggering `postMessage`s now.
 
 
 ### v0.27.0

package.json

@@ -1,6 +1,6 @@
 {
   "name": "webnative",
-  "version": "0.27.0",
+  "version": "0.27.1",
   "description": "Fission Webnative SDK",
   "keywords": [
     "WebCrypto",

src/common/version.ts

@@ -1 +1 @@
-export const VERSION = "0.27.0"
+export const VERSION = "0.27.1"

src/index.ts

@@ -139,11 +139,11 @@ export async function initialise(
     const newUser = url.searchParams.get("newUser") === "t"
     const username = url.searchParams.get("username") || ""
 
-    await importClassifiedInfo(
+    await retry(async () => importClassifiedInfo(
       authorised === "via-postmessage"
         ? await getClassifiedViaPostMessage()
-        : await ipfs.cat(authorised) // in any other case we expect it to be a CID
-    )
+        : JSON.parse(await ipfs.cat(authorised)) // in any other case we expect it to be a CID
+    ), { tries: 10, timeout: 10000, timeoutMessage: "Trying to retrieve UCAN(s) and readKey(s) from the auth lobby timed out after 10 seconds." })
 
     await storage.setItem(USERNAME_STORAGE_KEY, username)
 
@@ -335,15 +335,13 @@ interface AuthLobbyClassifiedInfo {
 
 
 async function importClassifiedInfo(
-  classified : string
+  classifiedInfo: AuthLobbyClassifiedInfo
 ): Promise<void> {
-  const info: AuthLobbyClassifiedInfo = JSON.parse(classified)
-
   // Extract session key and its iv
-  const rawSessionKey = await crypto.keystore.decrypt(info.sessionKey)
+  const rawSessionKey = await crypto.keystore.decrypt(classifiedInfo.sessionKey)
 
   // Decrypt secrets
-  const secretsStr = await crypto.aes.decryptGCM(info.secrets, rawSessionKey, info.iv)
+  const secretsStr = await crypto.aes.decryptGCM(classifiedInfo.secrets, rawSessionKey, classifiedInfo.iv)
   const secrets = JSON.parse(secretsStr)
 
   const fsSecrets: Record<string, { key: string; bareNameFilter: string }> = secrets.fs
@@ -365,7 +363,7 @@ async function importClassifiedInfo(
   await ucan.store(ucans)
 }
 
-async function getClassifiedViaPostMessage(): Promise<string> {
+async function getClassifiedViaPostMessage(): Promise<AuthLobbyClassifiedInfo> {
   const iframe: HTMLIFrameElement = await new Promise(resolve => {
     const iframe = document.createElement("iframe")
     iframe.id = "webnative-secret-exchange"
@@ -384,16 +382,44 @@ async function getClassifiedViaPostMessage(): Promise<string> {
 
   try {
 
-    const answer: Promise<string> = new Promise((resolve, reject) => {
+    const answer: Promise<AuthLobbyClassifiedInfo> = new Promise((resolve, reject) => {
+      let tries = 10
       window.addEventListener("message", listen)
 
+      function retryOrReject(eventData?: string) {
+        console.warn(`When importing UCANs & readKey(s): Can't parse: ${eventData}. Might be due to extensions.`)
+        if (--tries === 0) {
+          window.removeEventListener("message", listen)
+          reject(new Error("Couldn't parse message from auth lobby after 10 tries. See warnings above."))
+        }
+      }
+
       function listen(event: MessageEvent<string>) {
-        window.removeEventListener("message", listen)
-        if (event.data) {
-          resolve(event.data)
-        } else {
-          reject(new Error("Can't import UCANs & readKey(s): Missing data"))
+        if (new URL(event.origin).host !== new URL(setup.endpoints.lobby).host) {
+          console.log(`Got a message from ${event.origin} while waiting for login credentials. Ignoring.`)
+          return
+        }
+
+        if (event.data == null) {
+          // Might be an extension sending a message without data
+          return
+        }
+
+        let classifiedInfo: unknown = null
+        try {
+          classifiedInfo = JSON.parse(event.data)
+        } catch {
+          retryOrReject(event.data)
+          return
         }
+
+        if (!isAuthLobbyClassifiedInfo(classifiedInfo)) {
+          retryOrReject(event.data)
+          return
+        }
+
+        window.removeEventListener("message", listen)
+        resolve(classifiedInfo)
       }
     })
 
@@ -423,3 +449,37 @@ async function validateSecrets(permissions: Permissions): Promise<boolean> {
     Promise.resolve(true)
   )
 }
+
+async function retry(action: () => Promise<void>, options: { tries: number; timeout: number; timeoutMessage: string }): Promise<void> {
+  return await Promise.race([
+    (async () => {
+      let tryNum = 1
+      while (tryNum <= options.tries) {
+        try {
+          await action()
+          return
+        } catch (e) {
+          if (tryNum == options.tries) {
+            throw e
+          }
+        }
+        tryNum++
+      }
+    })(),
+    new Promise<void>((resolve, reject) => setTimeout(() => reject(new Error(options.timeoutMessage)), options.timeout))
+  ])
+}
+
+
+interface AuthLobbyClassifiedInfo {
+  sessionKey: string
+  secrets: string
+  iv: string
+}
+
+function isAuthLobbyClassifiedInfo(obj: unknown): obj is AuthLobbyClassifiedInfo {
+  return common.isObject(obj)
+    && common.isString(obj.sessionKey)
+    && common.isString(obj.secrets)
+    && common.isString(obj.iv)
+}