diff --git a/stored-credentials/README.md b/stored-credentials/README.md index b9d70f7a..f62758a8 100644 --- a/stored-credentials/README.md +++ b/stored-credentials/README.md @@ -3,30 +3,35 @@ **Although this add-on uses a stored password to authenticate to a web server, it should not be taken as an example of how to store or work securely with passwords. It's only a demonstration of how to use the -[`webRequest.onAuthRequired`](https://developer.mozilla.org/en-US/Add-ons/WebExtensions/API/webRequest/onAuthRequired) API.** +[`webRequest.onAuthRequired`](https://developer.mozilla.org/en-US/Add-ons/WebExtensions/API/webRequest/onAuthRequired) +API.** -This add-on uses the [`webRequest.onAuthRequired`](https://developer.mozilla.org/en-US/Add-ons/WebExtensions/API/webRequest/onAuthRequired) API to log the user into -the demo site at https://httpbin.org/basic-auth/user/passwd using a stored -username and password. +This add-on uses the +[`webRequest.onAuthRequired`](https://developer.mozilla.org/en-US/Add-ons/WebExtensions/API/webRequest/onAuthRequired) +API to log the user into the demo site at +https://httpbin.org/basic-auth/user/passwd using a stored username and password. -This add-on stores a username and password using the [`storage.local`](https://developer.mozilla.org/en-US/Add-ons/WebExtensions/API/storage/local) API. -The default value is the correct value -for the demo site: +This add-on stores a username and password using the +[`storage.local`](https://developer.mozilla.org/en-US/Add-ons/WebExtensions/API/storage/local) +API. The default value is the correct value for the demo site: username: "user" password: "passwd" -You can change the default values in the add-on's [options page](https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Options_pages). +You can change the default values in the add-on's [options +page](https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Options_pages). The add-on then uses `webRequest.onAuthRequired` to intercept authentication -requests from the demo site. When it gets -such a request, it fetches the stored credentials and supplies them -asynchronously. +requests from the demo site. When it gets such a request, it fetches the stored +credentials and supplies them asynchronously. To try out the add-on: -* Before installing the add-on, visit https://httpbin.org/basic-auth/user/passwd, -and see that it asks for a username and password. -* [Install the add-on](https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Temporary_Installation_in_Firefox) in Firefox 54 or later. -* Visit https://httpbin.org/basic-auth/user/passwd again, and see that authentication succeeds automatically. - +* Before installing the add-on, visit + https://httpbin.org/basic-auth/user/passwd, and see that it asks for a + username and password. +* [Install the + add-on](https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Temporary_Installation_in_Firefox) + in Firefox 54 or later. +* Visit https://httpbin.org/basic-auth/user/passwd again, and see that + authentication succeeds automatically. diff --git a/stored-credentials/auth.js b/stored-credentials/auth.js index e4ffda1d..d7168ef3 100644 --- a/stored-credentials/auth.js +++ b/stored-credentials/auth.js @@ -1,6 +1,4 @@ - let target = "https://httpbin.org/basic-auth/*"; - let pendingRequests = []; /* @@ -14,27 +12,26 @@ function completed(requestDetails) { } } -function provideCredentialsAsync(requestDetails) { - // If we have seen this request before, - // then assume our credentials were bad, +async function provideCredentialsAsync(requestDetails, asyncCallback) { + // If we have seen this request before, then assume our credentials were bad, // and give up. if (pendingRequests.indexOf(requestDetails.requestId) != -1) { console.log("bad credentials for: " + requestDetails.requestId); return {cancel: true}; - } else { pendingRequests.push(requestDetails.requestId); console.log("providing credentials for: " + requestDetails.requestId); - // we can return a promise that will be resolved - // with the stored credentials - return browser.storage.local.get(null); + // We can respond asynchronously by calling asyncCallback and providing the + // authentication credentials. + const {authCredentials} = await browser.storage.local.get("authCredentials"); + asyncCallback({authCredentials}); } } browser.webRequest.onAuthRequired.addListener( provideCredentialsAsync, {urls: [target]}, - ["blocking"] + ["asyncBlocking"] ); browser.webRequest.onCompleted.addListener( diff --git a/stored-credentials/manifest.json b/stored-credentials/manifest.json index 65a15c8e..5650e235 100644 --- a/stored-credentials/manifest.json +++ b/stored-credentials/manifest.json @@ -25,6 +25,7 @@ "permissions": [ "webRequest", "webRequestBlocking", + "webRequestAuthProvider", "storage", "https://httpbin.org/basic-auth/*" ]