wip: export window handle to d-bus

Author: iinuwa

credentialsd-common/src/server.rs

@@ -7,7 +7,8 @@ use serde::{
     de::{DeserializeSeed, Error, Visitor},
 };
 use zvariant::{
-    self, Array, DeserializeDict, DynamicDeserialize, LE, NoneValue, Optional, OwnedValue, SerializeDict, Signature, Structure, StructureBuilder, Type, Value, signature::Fields
+    self, Array, DeserializeDict, DynamicDeserialize, LE, NoneValue, Optional, OwnedValue,
+    SerializeDict, Signature, Structure, StructureBuilder, Type, Value, signature::Fields,
 };
 
 use crate::model::{BackgroundEvent, Operation, RequestingApplication};
@@ -622,7 +623,7 @@ pub struct ViewRequest {
     pub requesting_app: RequestingApplication,
 
     /// Client window handle.
-    pub window_handle: WindowHandle,
+    pub window_handle: Optional<WindowHandle>,
 }
 
 #[derive(Type, PartialEq, Debug)]
@@ -643,33 +644,38 @@ impl NoneValue for WindowHandle {
 impl Serialize for WindowHandle {
     fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
     where
-        S: serde::Serializer {
+        S: serde::Serializer,
+    {
         serializer.serialize_str(&self.to_string())
     }
 }
 
-impl <'de> Deserialize<'de> for WindowHandle {
+impl<'de> Deserialize<'de> for WindowHandle {
     fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
     where
-        D: serde::Deserializer<'de> {
-        deserializer.deserialize_str(WindowHandleVisitor { })
+        D: serde::Deserializer<'de>,
+    {
+        deserializer.deserialize_str(WindowHandleVisitor {})
     }
 }
 
 struct WindowHandleVisitor;
 
-impl <'de> Visitor<'de> for WindowHandleVisitor {
+impl<'de> Visitor<'de> for WindowHandleVisitor {
     type Value = WindowHandle;
 
     fn expecting(&self, f: &mut std::fmt::Formatter) -> std::fmt::Result {
-        write!(f, "a window handle formatted as `<window system>:<handle value>`")
+        write!(
+            f,
+            "a window handle formatted as `<window system>:<handle value>`"
+        )
     }
 
     fn visit_borrowed_str<E>(self, v: &'de str) -> Result<Self::Value, E>
-        where
-            E: serde::de::Error, {
-                v.try_into().map_err(E::custom)
-
+    where
+        E: serde::de::Error,
+    {
+        v.try_into().map_err(E::custom)
     }
 }
 
@@ -686,8 +692,8 @@ impl TryFrom<&str> for WindowHandle {
 
     fn try_from(value: &str) -> Result<Self, Self::Error> {
         match value.split_once(':') {
-            Some(("x11", handle)) => { Ok(Self::X11(handle.to_string())) },
-            Some(("wayland", xid)) => { Ok(Self::Wayland(xid.to_string())) },
+            Some(("x11", handle)) => Ok(Self::X11(handle.to_string())),
+            Some(("wayland", xid)) => Ok(Self::Wayland(xid.to_string())),
             Some((window_system, _)) => Err(format!("Unknown windowing system: {window_system}")),
             None => Err("Invalid window handle string format".to_string()),
         }

credentialsd-ui/Cargo.lock

@@ -6,7 +6,7 @@ authors = ["Isaiah Inuwa <[email protected]>", "Martin Sirringhaus <martin.
 license = "LGPL-3.0-only"
 
 [dependencies]
-ashpd = { version = "0.12.0", features = ["backend", "gtk4_wayland", "gtk4_x11", "wayland"] }
+ashpd = { version = "0.12.0", features = ["async-std", "backend", "gtk4_wayland", "gtk4_x11", "wayland"], default-features = false }
 async-std = { version = "1.13.1", features = ["unstable"] }
 credentialsd-common = { path = "../credentialsd-common" }
 futures-lite = "2.6.0"

credentialsd-ui/Cargo.toml

@@ -1,10 +1,9 @@
 pub mod view_model;
 
-use std::str::FromStr;
 use std::thread;
 use std::{sync::Arc, thread::JoinHandle};
 
-use ashpd::{WindowIdentifier, WindowIdentifierType};
+use ashpd::{WindowIdentifierType};
 use async_std::{channel::Receiver, sync::Mutex as AsyncMutex};
 
 use credentialsd_common::server::ViewRequest;
@@ -29,9 +28,13 @@ fn run_gui<F: FlowController + Send + Sync + 'static>(
     flow_controller: Arc<AsyncMutex<F>>,
     request: ViewRequest,
 ) {
-    let parent_window = WindowIdentifierType::from_str(&request.window_handle.to_string())
-        .inspect_err(|err| tracing::warn!("Failed to parse parent window handle: {err}"))
-        .ok();
+    let parent_window: Option<WindowIdentifierType> =
+        request.window_handle.as_ref().and_then(|h| {
+            h.to_string()
+                .parse()
+                .inspect_err(|err| tracing::warn!("Failed to parse parent window handle: {err}"))
+                .ok()
+        });
 
     let (tx_update, rx_update) = async_std::channel::unbounded::<ViewUpdate>();
     let (tx_event, rx_event) = async_std::channel::unbounded::<ViewEvent>();

credentialsd-ui/src/gui/mod.rs

@@ -1,5 +1,6 @@
 #!/usr/bin/env python3
 from contextlib import closing
+import functools
 import json
 import math
 import os
@@ -18,8 +19,9 @@
 import gi
 
 gi.require_version("Gtk", "4.0")
+gi.require_version("GdkWayland", "4.0")
 gi.require_version("Adw", "1")
-from gi.repository import Gio, GObject, Gtk, Adw  # noqa: E402
+from gi.repository import GdkWayland, Gio, GObject, Gtk, Adw  # noqa: E402
 
 import webauthn  # noqa: E402
 import util  # noqa: E402
@@ -72,6 +74,9 @@ def on_register(self, *args):
         now = math.floor(time.time())
         cur = DB.cursor()
         username = self.username.get_text()
+        if not username:
+            print("Username is required")
+            return
         cur.execute(
             "select user_id, user_handle from users where username = ?", (username,)
         )
@@ -87,34 +92,40 @@ def on_register(self, *args):
             )
         options = self._get_registration_options(user_handle, username)
         print(f"registration options: {options}")
-        auth_data = create_passkey(INTERFACE, self.origin, self.origin, options)
-        if not user_id:
-            cur.execute(
-                "insert into users (username, user_handle, created_time) values (?, ?, ?)",
-                (username, user_handle, now),
-            )
-            user_id = cur.lastrowid
-        params = {
-            "user_handle": user_handle,
-            "cred_id": auth_data.cred_id,
-            "aaguid": str(uuid.UUID(bytes=bytes(auth_data.aaguid))),
-            "sign_count": None if auth_data.sign_count == 0 else auth_data.sign_count,
-            "backup_eligible": 1 if "BE" in auth_data.flags else 0,
-            "backup_state": 1 if "BS" in auth_data.flags else 0,
-            "uv_initialized": 1 if "UV" in auth_data.flags else 0,
-            "cose_pub_key": auth_data.pub_key_bytes,
-            "created_time": now,
-        }
-
-        add_passkey_sql = """
-            insert into user_passkeys
-            (user_handle, cred_id, aaguid, sign_count, backup_eligible, backup_state, uv_initialized, cose_pub_key, created_time)
-            values
-            (:user_handle, :cred_id, :aaguid, :sign_count, :backup_eligible, :backup_state, :uv_initialized, :cose_pub_key, :created_time)
-        """
-        cur.execute(add_passkey_sql, params)
-        print("Added passkey")
-        DB.commit()
+        def cb(user_id, toplevel, handle):
+            cur = DB.cursor()
+            window_handle = "wayland:{handle}"
+            auth_data = create_passkey(INTERFACE, window_handle, self.origin, self.origin, options)
+            if not user_id:
+                cur.execute(
+                    "insert into users (username, user_handle, created_time) values (?, ?, ?)",
+                    (username, user_handle, now),
+                )
+                user_id = cur.lastrowid
+            params = {
+                "user_handle": user_handle,
+                "cred_id": auth_data.cred_id,
+                "aaguid": str(uuid.UUID(bytes=bytes(auth_data.aaguid))),
+                "sign_count": None if auth_data.sign_count == 0 else auth_data.sign_count,
+                "backup_eligible": 1 if "BE" in auth_data.flags else 0,
+                "backup_state": 1 if "BS" in auth_data.flags else 0,
+                "uv_initialized": 1 if "UV" in auth_data.flags else 0,
+                "cose_pub_key": auth_data.pub_key_bytes,
+                "created_time": now,
+            }
+
+            add_passkey_sql = """
+                insert into user_passkeys
+                (user_handle, cred_id, aaguid, sign_count, backup_eligible, backup_state, uv_initialized, cose_pub_key, created_time)
+                values
+                (:user_handle, :cred_id, :aaguid, :sign_count, :backup_eligible, :backup_state, :uv_initialized, :cose_pub_key, :created_time)
+            """
+            cur.execute(add_passkey_sql, params)
+            print("Added passkey")
+            DB.commit()
+            cur.close()
+        toplevel = self.get_surface()
+        toplevel.export_handle(functools.partial(cb, user_id))
         cur.close()
 
     @Gtk.Template.Callback()
@@ -202,17 +213,27 @@ def retrieve_user_cred(
                         return user_cred
                     else:
                         return None
+        def cb(toplevel, window_handle):
+            print(f"received window handle: {window_handle}")
+            window_handle = f"wayland:{window_handle}"
+
+            auth_data = get_passkey(
+                INTERFACE,
+                window_handle,
+                self.origin,
+                self.origin,
+                self.rp_id,
+                cred_ids,
+                retrieve_user_cred,
+            )
+            print("Received passkey:")
+            pprint(auth_data)
 
-        auth_data = get_passkey(
-            INTERFACE,
-            self.origin,
-            self.origin,
-            self.rp_id,
-            cred_ids,
-            retrieve_user_cred,
-        )
-        print("Received passkey:")
-        pprint(auth_data)
+        toplevel = self.get_surface()
+        print(type(toplevel))
+        toplevel.export_handle(cb)
+        print("Waiting for handle to complete")
+        # event.wait()
 
     @GObject.Property(type=Gtk.StringList)
     def uv_pref(self):
@@ -281,7 +302,7 @@ def on_activate(self, app):
 
 
 def create_passkey(
-    interface: ProxyInterface, origin: str, top_origin: str, options: dict
+    interface: ProxyInterface, window_handle: str, origin: str, top_origin: str, options: dict
 ) -> webauthn.AuthenticatorData:
     is_same_origin = origin == top_origin
     print(
@@ -298,7 +319,7 @@ def create_passkey(
         "publicKey": Variant("a{sv}", {"request_json": Variant("s", req_json)}),
     }
 
-    rsp = interface.call_create_credential_sync(req)
+    rsp = interface.call_create_credential_sync([req, window_handle])
 
     # print("Received response")
     # pprint(rsp)
@@ -313,7 +334,7 @@ def create_passkey(
     return webauthn.verify_create_response(response_json, options, origin)
 
 
-def get_passkey(interface, origin, top_origin, rp_id, cred_ids, cred_lookup_fn):
+def get_passkey(interface, window_handle, origin, top_origin, rp_id, cred_ids, cred_lookup_fn):
     is_same_origin = origin == top_origin
     options = {
         "challenge": util.b64_encode(secrets.token_bytes(16)),
@@ -337,7 +358,7 @@ def get_passkey(interface, origin, top_origin, rp_id, cred_ids, cred_lookup_fn):
         "publicKey": Variant("a{sv}", {"request_json": Variant("s", req_json)}),
     }
 
-    rsp = interface.call_get_credential_sync(req)
+    rsp = interface.call_get_credential_sync([req, window_handle])
     # print("Received response")
     # pprint(rsp)
     if rsp["type"].value != "public-key":

demo_client/gui.py

@@ -9,11 +9,11 @@
   </interface>
   <interface name="xyz.iinuwa.credentialsd.Credentials1">
     <method name="CreateCredential">
-      <arg name="request" type="a{sv}" direction="in"/>
+      <arg name="request" type="(a{sv}s)" direction="in"/>
       <arg type="a{sv}" direction="out"/>
     </method>
     <method name="GetCredential">
-      <arg name="request" type="a{sv}" direction="in"/>
+      <arg name="request" type="(a{sv}s)" direction="in"/>
       <arg type="a{sv}" direction="out"/>
     </method>
     <method name="GetClientCapabilities">