fission-codes / auth-lobby

The authentication service that Fission services run.
https://auth.fission.codes
GNU Affero General Public License v3.0

Fix apps concurrently trying to authenticate #76

Closed matheus23 closed 3 years ago

matheus23 commented 3 years ago

Originally I thought this was just too much of an edge case to support. And I weighed this against "exposing as little encrypted data as possible". But I think that's not a valid concern.

Overriding the data and removing the data leads to far more difficult bugs and edge cases to handle in webnative than the safety it provides (which is basically 'none').


This PR should be backwards-compatible: Old webnative versions which don't send their exchange DID to the /exchange.html file will work just fine (except for concurrent authentication issues this PR fixes).

matheus23 commented 3 years ago

Turns out this PR would fix the secret exchange for users who have the MetaMask extension installed.

The MetaMask extension seems to blindly send postMessages to all tabs and iframes on the page. Before this PR, this causes the auth lobby to respond with the secrets and delete the secrets, before webnative can pick them up.

After this PR

  1. We don't delete the secrets upon sending them out (we should just rely on encryption here. No need to do anything else 'just to be sure'. This hurts more than it helps. The secrets will be deleted using the sessionStorage semantics)
  2. We make sure that we only respond to messages that are intentionally made for us (i.e. that have a "webnative" component to them). Just so we don't confuse extensions with our messages.

And that's on top of the fact that we're storing secrets by exchange DID, just so it's possible to authenticate two apps "roughly at the same time".
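
The behaviour change described in the comment above, as an added example that is not part of this PR or the auth-lobby code base. The message shape (`webnative`, `didExchange`), the storage key names and the sample DIDs are assumptions made for illustration, and a `Map` stands in for `sessionStorage` so the sketch runs outside a browser.

```javascript
// Added illustration; message shape and key names are assumptions, not auth-lobby's code.
function makeStore() {
  const m = new Map();
  return {
    getItem: (k) => (m.has(k) ? m.get(k) : null),
    setItem: (k, v) => m.set(k, String(v)),
    removeItem: (k) => m.delete(k),
  };
}

// Before: one storage slot, any incoming message triggers a reply,
// and the slot is cleared once the secrets have been sent.
function legacyHandler(store, event, reply) {
  const secrets = store.getItem("encrypted-secrets");
  if (secrets === null) return false;
  reply(secrets);
  store.removeItem("encrypted-secrets");
  return true;
}

// After: reply only to messages addressed to us, look the secrets up
// by exchange DID, and leave deletion to the storage lifetime.
function exchangeHandler(store, event, reply) {
  const msg = event.data;
  if (msg === null || typeof msg !== "object") return false;
  if (msg.webnative !== "exchange-secrets") return false; // assumed marker field
  if (typeof msg.didExchange !== "string") return false;
  const secrets = store.getItem("encrypted-secrets-for-" + msg.didExchange);
  if (secrets === null) return false;
  reply(secrets); // still ciphertext; nothing is removed here
  return true;
}

// Constructed sample traffic: an extension broadcast, then two apps asking in turn.
// Returns, per message, what the handler sent back (null if it stayed silent).
function simulate(handler, store) {
  const messages = [
    { data: { target: "some-extension", payload: 1 } },
    { data: { webnative: "exchange-secrets", didExchange: "did:key:zAppA" } },
    { data: { webnative: "exchange-secrets", didExchange: "did:key:zAppB" } },
  ];
  return messages.map((ev) => {
    let sent = null;
    handler(store, ev, (s) => { sent = s; });
    return sent;
  });
}
```

With the legacy handler the stray broadcast consumes the only copy, so neither app receives anything; with the keyed handler the broadcast is ignored and each app gets its own ciphertext, repeatably.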