Create consent page

WE2-761

Signed-off-by: Raul Metsma <[email protected]>

package.json

@@ -25,6 +25,7 @@
     "@typescript-eslint/eslint-plugin": "^5.4.0",
     "@typescript-eslint/parser": "^5.4.0",
     "archiver": "^5.3.0",
+    "bootstrap": "^5.3.0-alpha1",
     "eslint": "^8.2.0",
     "fs-extra": "^10.0.0",
     "glob": "^7.2.0",

scripts/build.mjs

@@ -16,7 +16,7 @@ const targets = {
   async clean() {
     rem(
       "Cleaning the dist directory"
-    )
+    );
     await rm("./dist");
   },
 
@@ -48,12 +48,12 @@ const targets = {
 
     rem(
       "Preparing the Firefox dist directory"
-    )
+    );
     await cp("./dist/src", "./dist/firefox");
 
     rem(
       "Preparing the Safari dist directory"
-    )
+    );
     await cp("./dist/src", "./dist/safari");
     await cp("./dist/safari/background-safari", "./dist/safari/background");
     await rm("./dist/safari/background-safari");
@@ -83,6 +83,13 @@ const targets = {
     await cp("./static/icons", "./dist/firefox/icons");
     await cp("./static/icons", "./dist/safari");
 
+    rem(
+      "Copying static pages"
+    );
+    await cp("./static/_locales", "./dist/firefox/_locales");
+    await cp("./static/views", "./dist/firefox/views");
+    await cp("./node_modules/bootstrap/dist/css/bootstrap.min.css", "./dist/firefox/views/bootstrap.min.css");
+
     rem(
       "Preparing the Chrome dist directory for:",
       "- Google Chrome",

src/background/background.ts

@@ -32,6 +32,11 @@ import getSigningCertificate from "./actions/getSigningCertificate";
 import sign from "./actions/sign";
 import status from "./actions/status";
 
+async function showConsent() {
+  const url = browser.runtime.getURL("views/installed.html");
+  return await browser.tabs.create({ url, active: true });
+}
+
 async function onAction(message: ExtensionRequest, sender: MessageSender): Promise<void | object> {
   switch (message.action) {
     case Action.AUTHENTICATE:
@@ -103,6 +108,13 @@ async function onTokenSigningAction(message: TokenSigningMessage, sender: Messag
   }
 }
 
+browser.runtime.onInstalled.addListener(async ({ reason, temporary }) => {
+  if (temporary) return;
+  if (reason == "install") {
+    await showConsent();
+  }
+});
+
 browser.runtime.onMessage.addListener((message, sender, sendResponse) => {
   if ((message as ExtensionRequest).action) {
     onAction(message, sender).then(sendResponse);

src/models/Browser/Runtime.ts

@@ -21,6 +21,19 @@
  */
 
 export default interface Runtime {
+  /**
+   * Fired when the extension is first installed, when the extension is updated to a new version, and when the browser is
+   * updated to a new version.
+   *
+   * Note that runtime.onInstalled is not the same as management.onInstalled. The runtime.onInstalled event is fired only
+   * for your extension. The browser.management.onInstalled event is fired for any extensions.
+   *
+   * @see https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/runtime/onInstalled
+   */
+  onInstalled: {
+    addListener: (callback: OnInstalledCallback) => void;
+  };
+
   /**
    * A string representing the extension ID.
    *
@@ -126,6 +139,16 @@ export interface Port {
   sender?: any;
 }
 
+export type OnInstallReason = "install" | "update" | "chrome_update" | "shared_module_update";
+
+export interface OnInstalledDetails {
+  id?: string;
+  previousVersion?: string;
+  reason: OnInstallReason;
+  temporary: boolean;
+}
+
+export type OnInstalledCallback = (details: OnInstalledDetails, sender: MessageSender, sendResponse?: any) => Promise<any> | void | boolean;
 export type OnMessageCallback = (message: any, sender: MessageSender, sendResponse?: any) => Promise<any> | void | boolean;
 
 export interface MessageSender {

src/models/Browser/Tabs.ts

@@ -20,13 +20,35 @@
  * SOFTWARE.
  */
 
+export type CreateProperties = {
+  active?: boolean,
+  index?: number,
+  openerTabId?: number,
+  pinned?: boolean,
+  selected?: boolean,
+  url?: string,
+  windowId?: number,
+};
+
+export type CreateCallback = (tab: object /* Tab */) => void;
+
 export default interface Tabs {
 
   /**
    * A special ID value given to tabs that are not browser tabs (for example, tabs in devtools windows).
    */
   TAB_ID_NONE: number;
 
+  /**
+   * Creates a new tab.
+   *
+   * @see https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/tabs/create
+   */
+  create: (
+    createProperties: CreateProperties,
+    callback?: CreateCallback
+  ) => Promise<object /* Tab */>;
+
   /**
    * Sends a single message from the extension's background scripts (or other privileged scripts,
    * such as popup scripts or options page scripts) to any content scripts or extension pages/iframes

static/_locales/en/messages.json

@@ -0,0 +1,28 @@
+{
+  "title": {
+    "message": "Web eID Data Protection Terms",
+    "description": "Title"
+  },
+  "content": {
+    "message": "Web eID transmits the following data that personally identifies you to the e-service:<ul><li>the user`s certificate for authentication or signing;</li><li>URL of the website origin for authentication.</li></ul>The transfer of personal data is necessary for the functioning of authentication and digital signing. Transmitted data is not stored. If you do not agree to the transfer of data then we recommend you to remove the Web eID extension.<br />Full details about the personal data we transmit and what we do with it are provided in our <a href=\"$URL$\" target=\"_blank\">Data Protection Terms</a>.",
+    "description": "Content",
+    "placeholders": {
+      "url" : {
+        "content" : "$1",
+        "example" : "https://addons.mozilla.org/en-US/firefox/addon/web-eid-webextension/privacy/"
+      }
+    }
+  },
+  "error": {
+    "message": "To remove the Web eID extension, uninstall ID-software. You can find instructions from <a href=\"https://id.ee\">id.ee</a> website.",
+    "description": "Uninstall error"
+  },
+  "agree": {
+    "message": "Accept the terms",
+    "description": "Agree button."
+  },
+  "uninstall": {
+    "message": "Remove Web eID",
+    "description": "Uninstall button."
+  }
+}

static/_locales/et/messages.json

@@ -0,0 +1,28 @@
+{
+  "title": {
+    "message": "Web eID andmekaitsetingimused",
+    "description": "Title"
+  },
+  "content": {
+    "message": "Web eID edastab e-teenusele järgmised teie isikut identifitseerivad andmed:<ul><li>kasutaja sertifikaat autentimiseks või allkirjastamiseks;</li><li>veebisaidi aadress (URL) autentimiseks.</li></ul>Isikuandmete edastamine on vajalik autentimise ja digiallkirjastamise toimimiseks. Edastatavaid andmeid ei sälilitata. Kui te ei nõustu andmete edastamisega, siis soovitame teil Web eID laienduse eemaldada.<br />Täpsem info isikuandmete edastamise ja nende kasutamise kohta on leitav <a href=\"$URL$\" target=\"_blank\">andmekaitsetingimustest</a>.",
+    "description": "Content",
+    "placeholders": {
+      "url" : {
+        "content" : "$1",
+        "example" : "https://addons.mozilla.org/en-US/firefox/addon/web-eid-webextension/privacy/"
+      }
+    }
+  },
+  "error": {
+    "message": "Web eID laienduse eemaldamiseks kustutage ID-tarkvara. Täpsemad juhised on leitavad <a href=\"https://id.ee\">id.ee</a> veebilehelt.",
+    "description": "Uninstall error"
+  },
+  "agree": {
+    "message": "Nõustun tingimustega",
+    "description": "Agree button."
+  },
+  "uninstall": {
+    "message": "Eemalda Web eID",
+    "description": "Uninstall button."
+  }
+}

static/_locales/ru/messages.json

@@ -0,0 +1,28 @@
+{
+  "title": {
+    "message": "Web eID условия защиты данных",
+    "description": "Title"
+  },
+  "content": {
+    "message": "Web eID передает электронной услуге следующие персональные идентификационные данные:<ul><li>сертификат пользователя для аутентификации или подписи;</li><li>адрес веб-сайта (URL) для аутентификации.</li></ul>Передача персональных данных необходима для работы аутентификации и цифровой подписи. Передаваемые данные не сохраняются. Если вы не согласны на передачу данных, рекомендуем удалить расширение Web eID.<br />Более подробную информацию о передаче персональных данных и их использовании можно найти из <a href=\"$URL$\" target=\"_blank\">условий защиты данных</a>.",
+    "description": "Content",
+    "placeholders": {
+      "url" : {
+        "content" : "$1",
+        "example" : "https://addons.mozilla.org/en-US/firefox/addon/web-eid-webextension/privacy/"
+      }
+    }
+  },
+  "error": {
+    "message": "Чтобы удалить расширение Web eID, удалите программное обеспечение ID. Подробные инструкции можно найти на веб-сайте <a href=\"https://id.ee\">id.ee</a>.",
+    "description": "Uninstall error"
+  },
+  "agree": {
+    "message": "Соглашаюсь с условиями",
+    "description": "Agree button."
+  },
+  "uninstall": {
+    "message": "Удалить Web eID",
+    "description": "Uninstall button."
+  }
+}

static/firefox/manifest.json

@@ -3,6 +3,7 @@
   "name": "Web eID",
   "version": "{{package.version}}",
   "description": "Use your electronic identification card for secure authentication and digital signing.",
+  "default_locale": "en",
   "browser_specific_settings": {
     "gecko": {
       "id": "{e68418bc-f2b0-4459-a9ea-3e72b6751b07}"

static/firefox/manifest_v3.json

@@ -3,6 +3,7 @@
   "name": "Web eID",
   "version": "{{package.version}}",
   "description": "Use your electronic identification card for secure authentication and digital signing.",
+  "default_locale": "en",
   "browser_specific_settings": {
     "gecko": {
       "id": "{e68418bc-f2b0-4459-a9ea-3e72b6751b07}"

static/views/installed.html

@@ -0,0 +1,36 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="UTF-8" />
+    <title>Web-eID Privacy</title>
+    <link rel="stylesheet" href="./bootstrap.min.css" />
+  </head>
+  <body>
+    <div class="modal d-block" tabindex="-1" role="dialog">
+      <div class="modal-dialog modal-dialog-centered">
+        <div class="modal-content">
+          <div class="modal-header">
+            <h5 id="title" class="modal-title">Web eID Data Protection Terms</h5>
+          </div>
+          <div class="modal-body" id="content">
+            Web eID transmits the following data that personally identifies you to the e-service:
+            <ul>
+              <li>the user`s certificate for authentication or signing;</li>
+              <li>URL of the website origin for authentication.</li>
+            </ul>
+            The transfer of personal data is necessary for the functioning of authentication and digital signing.
+            Transmitted data is not stored.
+            If you do not agree to the transfer of data then we recommend you to remove the Web eID extension.<br />
+            Full details about the personal data we transmit and what we do with it are provided in our
+            <a href="https://addons.mozilla.org/en-US/firefox/addon/web-eid-webextension/privacy/" target="_blank">Data Protection Terms</a>.
+          </div>
+          <div class="modal-footer">
+            <button type="button" class="btn btn-secondary" id="uninstall">Remove Web eID</button>
+            <button type="button" class="btn btn-primary" id="agree">Accept the terms</button>
+          </div>
+        </div>
+      </div>
+    </div>
+    <script src="installed.js"></script>
+  </body>
+</html>