For #12289 Add lib-auth for authentication using biometrics or PIN.

buildSrc/src/main/java/Dependencies.kt

@@ -14,7 +14,6 @@ object Versions {
     const val robolectric = "4.7.3"
     const val mockito = "3.11.2"
     const val maven_ant_tasks = "2.1.3"
-    const val mockito_inline = "4.6.0"
 
     const val mockwebserver = "3.10.0"
 
@@ -86,7 +85,6 @@ object Dependencies {
     const val testing_robolectric = "org.robolectric:robolectric:${Versions.robolectric}"
     const val testing_robolectric_playservices = "org.robolectric:shadows-playservices:${Versions.robolectric}"
     const val testing_mockito = "org.mockito:mockito-core:${Versions.mockito}"
-    const val testing_mockito_inline = "org.mockito:mockito-inline:${Versions.mockito_inline}"
     const val testing_mockwebserver = "com.squareup.okhttp3:mockwebserver:${Versions.mockwebserver}"
     const val testing_coroutines = "org.jetbrains.kotlinx:kotlinx-coroutines-test:${Versions.coroutines}"
     const val testing_maven_ant_tasks = "org.apache.maven:maven-ant-tasks:${Versions.maven_ant_tasks}"

buildSrc/src/main/java/Gecko.kt

@@ -9,7 +9,7 @@ object Gecko {
     /**
      * GeckoView Version.
      */
-    const val version = "103.0.20220614082301"
+    const val version = "103.0.20220615093700"
 
     /**
      * GeckoView channel

components/browser/engine-gecko/src/main/java/mozilla/components/browser/engine/gecko/GeckoEngineSession.kt

@@ -1144,6 +1144,7 @@ class GeckoEngineSession(
                 WebRequestError.ERROR_SAFEBROWSING_HARMFUL_URI -> ErrorType.ERROR_SAFEBROWSING_HARMFUL_URI
                 WebRequestError.ERROR_SAFEBROWSING_PHISHING_URI -> ErrorType.ERROR_SAFEBROWSING_PHISHING_URI
                 WebRequestError.ERROR_HTTPS_ONLY -> ErrorType.ERROR_HTTPS_ONLY
+                WebRequestError.ERROR_BAD_HSTS_CERT -> ErrorType.ERROR_BAD_HSTS_CERT
                 else -> ErrorType.UNKNOWN
             }
     }

components/browser/engine-gecko/src/test/java/mozilla/components/browser/engine/gecko/GeckoEngineSessionTest.kt

@@ -1963,6 +1963,10 @@ class GeckoEngineSessionTest {
             ErrorType.ERROR_HTTPS_ONLY,
             GeckoEngineSession.geckoErrorToErrorType(WebRequestError.ERROR_HTTPS_ONLY)
         )
+        assertEquals(
+            ErrorType.ERROR_BAD_HSTS_CERT,
+            GeckoEngineSession.geckoErrorToErrorType(WebRequestError.ERROR_BAD_HSTS_CERT)
+        )
     }
 
     @Test

components/browser/errorpages/src/main/assets/errorPageScripts.js

@@ -12,6 +12,7 @@ function parseQuery(queryString) {
    const query = Object.fromEntries(new URLSearchParams(queryString).entries());
    injectValues(query)
    updateShowSSL(query)
+   updateShowHSTS(query)
 };
 
 /**
@@ -32,6 +33,7 @@ function injectValues(queryMap) {
     document.getElementById('badCertTechnicalInfo').innerHTML = queryMap.badCertTechInfo
     document.getElementById('advancedPanelBackButton').innerHTML = queryMap.badCertGoBack
     document.getElementById('advancedPanelAcceptButton').innerHTML = queryMap.badCertAcceptTemporary
+    document.getElementById('advancedPanelAcceptButton').s = queryMap.badCertAcceptTemporary
 
     // If no image is passed in, remove the element so as not to leave an empty iframe
     const errorImage = document.getElementById('errorImage');
@@ -69,6 +71,24 @@ function updateShowSSL(queryMap) {
     }
 }
 
+/**
+ * Used to show or hide the "advanced" button based for the HSTS error page
+ */
+function updateShowHSTS(queryMap) {
+    /** @type {'true' | 'false'} */
+    const showHSTS = queryMap.showHSTS;
+    if (typeof document.addCertException === "undefined") {
+        document.getElementById('advancedButton').style.display='none';
+    } else {
+        if (showHSTS === 'true') {
+            document.getElementById('advancedButton').style.display='block';
+            document.getElementById('advancedPanelAcceptButton').style.display='none';
+        } else {
+            document.getElementById('advancedButton').style.display='none';
+        }
+    }
+}
+
 /**
  * Used to display information about the SSL certificate in `error_pages.html`
  */

components/browser/errorpages/src/main/java/mozilla/components/browser/errorpages/ErrorPages.kt

@@ -39,10 +39,19 @@ object ErrorPages {
         val imageName = if (errorType.imageNameRes != null) context.getString(errorType.imageNameRes) + ".svg" else ""
         val continueHttpButton = context.getString(R.string.mozac_browser_errorpages_httpsonly_button)
         val badCertAdvanced = context.getString(R.string.mozac_browser_errorpages_security_bad_cert_advanced)
-        val badCertTechInfo = context.getString(
-            R.string.mozac_browser_errorpages_security_bad_cert_techInfo,
-            context.appName, uri.toString()
-        )
+        val badCertTechInfo = when (errorType) {
+            ErrorType.ERROR_SECURITY_BAD_CERT ->
+                context.getString(
+                    R.string.mozac_browser_errorpages_security_bad_cert_techInfo,
+                    context.appName, uri.toString()
+                )
+            ErrorType.ERROR_BAD_HSTS_CERT -> context.getString(
+                R.string.mozac_browser_errorpages_security_bad_hsts_cert_techInfo,
+                uri.toString().trim('/'), context.appName
+            )
+            else -> ""
+        }
+
         val badCertGoBack = context.getString(R.string.mozac_browser_errorpages_security_bad_cert_back)
         val badCertAcceptTemporary = context.getString(
             R.string.mozac_browser_errorpages_security_bad_cert_accept_temporary
@@ -53,6 +62,11 @@ object ErrorPages {
             else -> false
         }.toString()
 
+        val showHSTSAdvanced: String = when (errorType) {
+            ErrorType.ERROR_BAD_HSTS_CERT -> true
+            else -> false
+        }.toString()
+
         val showContinueHttp: String = (errorType == ErrorType.ERROR_HTTPS_ONLY).toString()
 
         /**
@@ -65,6 +79,7 @@ object ErrorPages {
             "&description=${description.urlEncode()}" +
             "&image=${imageName.urlEncode()}" +
             "&showSSL=${showSSLAdvanced.urlEncode()}" +
+            "&showHSTS=${showHSTSAdvanced.urlEncode()}" +
             "&badCertAdvanced=${badCertAdvanced.urlEncode()}" +
             "&badCertTechInfo=${badCertTechInfo.urlEncode()}" +
             "&badCertGoBack=${badCertGoBack.urlEncode()}" +
@@ -222,5 +237,10 @@ enum class ErrorType(
         R.string.mozac_browser_errorpages_httpsonly_title,
         R.string.mozac_browser_errorpages_httpsonly_message,
         imageNameRes = R.string.mozac_error_lock
+    ),
+    ERROR_BAD_HSTS_CERT(
+        R.string.mozac_browser_errorpages_security_bad_hsts_cert_title,
+        R.string.mozac_browser_errorpages_security_bad_hsts_cert_message,
+        imageNameRes = R.string.mozac_error_lock
     )
 }

components/browser/errorpages/src/main/res/values/strings.xml

@@ -46,6 +46,26 @@
     <!-- The text shown inside the advanced options button used to bypass the invalid SSL certificate. It's only shown if the user has expanded the advanced options. -->
     <string name="mozac_browser_errorpages_security_bad_cert_accept_temporary">Accept the Risk and Continue</string>
 
+    <!-- The document title and heading of the error page shown when a website uses HSTS. -->
+    <string name="mozac_browser_errorpages_security_bad_hsts_cert_title">This website requires a secure connection.</string>
+    <!-- The error message shown when a website uses HSTS. -->
+    <string name="mozac_browser_errorpages_security_bad_hsts_cert_message"><![CDATA[
+      <ul>
+         <li>The page you are trying to view cannot be shown because this website requires a secure connection.</li>
+         <li>The issue is most likely with the website, and there is nothing you can do to resolve it.</li>
+         <li>You can notify the website’s administrator about the problem.</li>
+      </ul>
+    ]]></string>
+
+    <!-- The text shown inside the advanced button used to expand the advanced options. It's only shown when a website uses HSTS. -->
+    <string name="mozac_browser_errorpages_security_bad_hsts_cert_advanced">Advanced…</string>
+    <!-- The advanced certificate information shown when a website uses HSTS. The %1$s will be replaced by the website URL and %2$s will be replaced by the app name. It's only shown when a website uses HSTS. -->
+    <string name="mozac_browser_errorpages_security_bad_hsts_cert_techInfo"><![CDATA[
+        <label> <b>%1$s</b> has a security policy called HTTP Strict Transport Security (HSTS), which means that <b>%2$s</b> can only connect to it securely. You can’t add an exception to visit this site.
+    ]]></string>
+    <!-- The text shown inside the advanced options button used to go back. It's only shown if the user has expanded the advanced options. -->
+    <string name="mozac_browser_errorpages_security_bad_hsts_cert_back">Go Back</string>
+
     <!-- The document title and heading of the error page shown when the user's network connection is interrupted while connecting to a website. -->
     <string name="mozac_browser_errorpages_net_interrupt_title">The connection was interrupted</string>
     <!-- The error message shown when the user's network connection is interrupted while connecting to a website. -->

components/browser/errorpages/src/test/java/mozilla/components/browser/errorpages/ErrorPagesTest.kt

@@ -75,6 +75,7 @@ class ErrorPagesTest {
         assertUrlEncodingIsValid(ErrorType.ERROR_SAFEBROWSING_HARMFUL_URI)
         assertUrlEncodingIsValid(ErrorType.ERROR_SAFEBROWSING_PHISHING_URI)
         assertUrlEncodingIsValid(ErrorType.ERROR_HTTPS_ONLY)
+        assertUrlEncodingIsValid(ErrorType.ERROR_BAD_HSTS_CERT)
     }
 
     private fun assertUrlEncodingIsValid(errorType: ErrorType) {

components/feature/prompts/src/main/java/mozilla/components/feature/prompts/PromptFeature.kt

@@ -43,13 +43,12 @@ import mozilla.components.concept.engine.prompt.PromptRequest.TextPrompt
 import mozilla.components.concept.engine.prompt.PromptRequest.TimeSelection
 import mozilla.components.concept.storage.CreditCardEntry
 import mozilla.components.concept.storage.CreditCardValidationDelegate
-import mozilla.components.concept.storage.Login
 import mozilla.components.concept.storage.LoginEntry
 import mozilla.components.concept.storage.LoginValidationDelegate
 import mozilla.components.feature.prompts.address.AddressDelegate
 import mozilla.components.feature.prompts.address.AddressPicker
 import mozilla.components.feature.prompts.address.DefaultAddressDelegate
-import mozilla.components.feature.prompts.concept.SelectablePromptView
+import mozilla.components.feature.prompts.creditcard.CreditCardDelegate
 import mozilla.components.feature.prompts.creditcard.CreditCardPicker
 import mozilla.components.feature.prompts.creditcard.CreditCardSaveDialogFragment
 import mozilla.components.feature.prompts.dialog.AlertDialogFragment
@@ -70,6 +69,7 @@ import mozilla.components.feature.prompts.dialog.TimePickerDialogFragment
 import mozilla.components.feature.prompts.facts.emitSuccessfulAddressAutofillFormDetectedFact
 import mozilla.components.feature.prompts.facts.emitSuccessfulCreditCardAutofillFormDetectedFact
 import mozilla.components.feature.prompts.file.FilePicker
+import mozilla.components.feature.prompts.login.LoginDelegate
 import mozilla.components.feature.prompts.login.LoginExceptions
 import mozilla.components.feature.prompts.login.LoginPicker
 import mozilla.components.feature.prompts.share.DefaultShareDelegate
@@ -126,16 +126,8 @@ internal const val FRAGMENT_TAG = "mozac_feature_prompt_dialog"
  * will be shown.
  * @property loginExceptionStorage An implementation of [LoginExceptions] that saves and checks origins
  * the user does not want to see a save login dialog for.
- * @property loginPickerView The [SelectablePromptView] used for [LoginPicker] to display a
- * selectable prompt list of login options.
- * @property onManageLogins A callback invoked when a user selects "manage logins" from the
- * select login prompt.
- * @property creditCardPickerView The [SelectablePromptView] used for [CreditCardPicker] to display
- * a selectable prompt list of credit card options.
- * @property onManageCreditCards A callback invoked when a user selects "Manage credit cards" from
- * the select credit card prompt.
- * @property onSelectCreditCard A callback invoked when a user selects a credit card from the
- * select credit card prompt.
+ * @property loginDelegate Delegate for login picker.
+ * @property creditCardDelegate Delegate for credit card picker.
  * @property addressDelegate Delegate for address picker.
  * @property onNeedToRequestPermissions A callback invoked when permissions
  * need to be requested before a prompt (e.g. a file picker) can be displayed.
@@ -154,11 +146,8 @@ class PromptFeature private constructor(
     private val isCreditCardAutofillEnabled: () -> Boolean = { false },
     private val isAddressAutofillEnabled: () -> Boolean = { false },
     override val loginExceptionStorage: LoginExceptions? = null,
-    private val loginPickerView: SelectablePromptView<Login>? = null,
-    private val onManageLogins: () -> Unit = {},
-    private val creditCardPickerView: SelectablePromptView<CreditCardEntry>? = null,
-    private val onManageCreditCards: () -> Unit = {},
-    private val onSelectCreditCard: () -> Unit = {},
+    private val loginDelegate: LoginDelegate = object : LoginDelegate {},
+    private val creditCardDelegate: CreditCardDelegate = object : CreditCardDelegate {},
     private val addressDelegate: AddressDelegate = DefaultAddressDelegate(),
     onNeedToRequestPermissions: OnNeedToRequestPermissions
 ) : LifecycleAwareFeature,
@@ -195,11 +184,8 @@ class PromptFeature private constructor(
         isCreditCardAutofillEnabled: () -> Boolean = { false },
         isAddressAutofillEnabled: () -> Boolean = { false },
         loginExceptionStorage: LoginExceptions? = null,
-        loginPickerView: SelectablePromptView<Login>? = null,
-        onManageLogins: () -> Unit = {},
-        creditCardPickerView: SelectablePromptView<CreditCardEntry>? = null,
-        onManageCreditCards: () -> Unit = {},
-        onSelectCreditCard: () -> Unit = {},
+        loginDelegate: LoginDelegate = object : LoginDelegate {},
+        creditCardDelegate: CreditCardDelegate = object : CreditCardDelegate {},
         addressDelegate: AddressDelegate = DefaultAddressDelegate(),
         onNeedToRequestPermissions: OnNeedToRequestPermissions
     ) : this(
@@ -215,11 +201,8 @@ class PromptFeature private constructor(
         isAddressAutofillEnabled = isAddressAutofillEnabled,
         loginExceptionStorage = loginExceptionStorage,
         onNeedToRequestPermissions = onNeedToRequestPermissions,
-        loginPickerView = loginPickerView,
-        onManageLogins = onManageLogins,
-        creditCardPickerView = creditCardPickerView,
-        onManageCreditCards = onManageCreditCards,
-        onSelectCreditCard = onSelectCreditCard,
+        loginDelegate = loginDelegate,
+        creditCardDelegate = creditCardDelegate,
         addressDelegate = addressDelegate
     )
 
@@ -235,11 +218,8 @@ class PromptFeature private constructor(
         isCreditCardAutofillEnabled: () -> Boolean = { false },
         isAddressAutofillEnabled: () -> Boolean = { false },
         loginExceptionStorage: LoginExceptions? = null,
-        loginPickerView: SelectablePromptView<Login>? = null,
-        onManageLogins: () -> Unit = {},
-        creditCardPickerView: SelectablePromptView<CreditCardEntry>? = null,
-        onManageCreditCards: () -> Unit = {},
-        onSelectCreditCard: () -> Unit = {},
+        loginDelegate: LoginDelegate = object : LoginDelegate {},
+        creditCardDelegate: CreditCardDelegate = object : CreditCardDelegate {},
         addressDelegate: AddressDelegate = DefaultAddressDelegate(),
         onNeedToRequestPermissions: OnNeedToRequestPermissions
     ) : this(
@@ -255,30 +235,33 @@ class PromptFeature private constructor(
         isAddressAutofillEnabled = isAddressAutofillEnabled,
         loginExceptionStorage = loginExceptionStorage,
         onNeedToRequestPermissions = onNeedToRequestPermissions,
-        loginPickerView = loginPickerView,
-        onManageLogins = onManageLogins,
-        creditCardPickerView = creditCardPickerView,
-        onManageCreditCards = onManageCreditCards,
-        onSelectCreditCard = onSelectCreditCard,
+        loginDelegate = loginDelegate,
+        creditCardDelegate = creditCardDelegate,
         addressDelegate = addressDelegate
     )
 
     private val filePicker = FilePicker(container, store, customTabId, onNeedToRequestPermissions)
 
     @VisibleForTesting(otherwise = PRIVATE)
     internal var loginPicker =
-        loginPickerView?.let { LoginPicker(store, it, onManageLogins, customTabId) }
+        with(loginDelegate) {
+            loginPickerView?.let {
+                LoginPicker(store, it, onManageLogins, customTabId)
+            }
+        }
 
     @VisibleForTesting(otherwise = PRIVATE)
     internal var creditCardPicker =
-        creditCardPickerView?.let {
-            CreditCardPicker(
-                store = store,
-                creditCardSelectBar = it,
-                manageCreditCardsCallback = onManageCreditCards,
-                selectCreditCardCallback = onSelectCreditCard,
-                sessionId = customTabId
-            )
+        with(creditCardDelegate) {
+            creditCardPickerView?.let {
+                CreditCardPicker(
+                    store = store,
+                    creditCardSelectBar = it,
+                    manageCreditCardsCallback = onManageCreditCards,
+                    selectCreditCardCallback = onSelectCreditCard,
+                    sessionId = customTabId
+                )
+            }
         }
 
     @VisibleForTesting(otherwise = PRIVATE)
@@ -922,7 +905,7 @@ class PromptFeature private constructor(
 
         (activePromptRequest as? SelectLoginPrompt)?.let { selectLoginPrompt ->
             loginPicker?.let { loginPicker ->
-                if (loginPickerView?.asView()?.isVisible == true) {
+                if (loginDelegate.loginPickerView?.asView()?.isVisible == true) {
                     loginPicker.dismissCurrentLoginSelect(selectLoginPrompt)
                     result = true
                 }
@@ -931,7 +914,7 @@ class PromptFeature private constructor(
 
         (activePromptRequest as? SelectCreditCard)?.let { selectCreditCardPrompt ->
             creditCardPicker?.let { creditCardPicker ->
-                if (creditCardPickerView?.asView()?.isVisible == true) {
+                if (creditCardDelegate.creditCardPickerView?.asView()?.isVisible == true) {
                     creditCardPicker.dismissSelectCreditCardRequest(selectCreditCardPrompt)
                     result = true
                 }

components/feature/prompts/src/main/java/mozilla/components/feature/prompts/creditcard/CreditCardDelegate.kt

@@ -0,0 +1,34 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+package mozilla.components.feature.prompts.creditcard
+
+import mozilla.components.concept.storage.CreditCardEntry
+import mozilla.components.feature.prompts.concept.SelectablePromptView
+
+/**
+ * Delegate for credit card picker and related callbacks
+ */
+interface CreditCardDelegate {
+    /**
+     * The [SelectablePromptView] used for [CreditCardPicker] to display a
+     * selectable prompt list of credit cards.
+     */
+    val creditCardPickerView: SelectablePromptView<CreditCardEntry>?
+        get() = null
+
+    /**
+     * Callback invoked when a user selects "Manage credit cards"
+     * from the select credit card prompt.
+     */
+    val onManageCreditCards: () -> Unit
+        get() = {}
+
+    /**
+     * Callback invoked when a user selects a credit card option
+     * from the select credit card prompt
+     */
+    val onSelectCreditCard: () -> Unit
+        get() = {}
+}