1 files changed, 42 insertions, 82 deletions
diff --git a/app/scripts/controllers/provider-approval.js b/app/scripts/controllers/provider-approval.js
index 2c9182b52..06c499780 100644
--- a/app/scripts/controllers/provider-approval.js
+++ b/app/scripts/controllers/provider-approval.js
@@ -1,9 +1,11 @@
 const ObservableStore = require('obs-store')
+const SafeEventEmitter = require('safe-event-emitter')
+const createAsyncMiddleware = require('json-rpc-engine/src/createAsyncMiddleware')
 
 /**
  * A controller that services user-approved requests for a full Ethereum provider API
  */
-class ProviderApprovalController {
+class ProviderApprovalController extends SafeEventEmitter {
   /**
    * Determines if caching is enabled
    */
@@ -14,38 +16,44 @@ class ProviderApprovalController {
    *
    * @param {Object} [config] - Options to configure controller
    */
-  constructor ({ closePopup, keyringController, openPopup, platform, preferencesController, publicConfigStore } = {}) {
+  constructor ({ closePopup, keyringController, openPopup, preferencesController } = {}) {
+    super()
     this.approvedOrigins = {}
     this.closePopup = closePopup
     this.keyringController = keyringController
     this.openPopup = openPopup
-    this.platform = platform
     this.preferencesController = preferencesController
-    this.publicConfigStore = publicConfigStore
     this.store = new ObservableStore({
       providerRequests: [],
     })
+  }
 
-    if (platform && platform.addMessageListener) {
-      platform.addMessageListener(({ action = '', force, origin, siteTitle, siteImage }, { tab }) => {
-        if (tab && tab.id) {
-          switch (action) {
-            case 'init-provider-request':
-              this._handleProviderRequest(origin, siteTitle, siteImage, force, tab.id)
-              break
-            case 'init-is-approved':
-              this._handleIsApproved(origin, tab.id)
-              break
-            case 'init-is-unlocked':
-              this._handleIsUnlocked(tab.id)
-              break
-            case 'init-privacy-request':
-              this._handlePrivacyRequest(tab.id)
-              break
-          }
-        }
-      })
-    }
+  /**
+   * Called when a user approves access to a full Ethereum provider API
+   *
+   * @param {object} opts - opts for the middleware contains the origin for the middleware
+   */
+  createMiddleware ({ origin, getSiteMetadata }) {
+    return createAsyncMiddleware(async (req, res, next) => {
+      // only handle requestAccounts
+      if (req.method !== 'eth_requestAccounts') return next()
+      // if already approved or privacy mode disabled, return early
+      const isUnlocked = this.keyringController.memStore.getState().isUnlocked
+      if (this.shouldExposeAccounts(origin) && isUnlocked) {
+        res.result = [this.preferencesController.getSelectedAddress()]
+        return
+      }
+      // register the provider request
+      const metadata = await getSiteMetadata(origin)
+      this._handleProviderRequest(origin, metadata.name, metadata.icon, false, null)
+      // wait for resolution of request
+      const approved = await new Promise(resolve => this.once(`resolvedRequest:${origin}`, ({ approved }) => resolve(approved)))
+      if (approved) {
+        res.result = [this.preferencesController.getSelectedAddress()]
+      } else {
+        throw new Error('User denied account authorization')
+      }
+    })
   }
 
   /**
@@ -59,79 +67,37 @@ class ProviderApprovalController {
     this.store.updateState({ providerRequests: [{ origin, siteTitle, siteImage, tabID }] })
     const isUnlocked = this.keyringController.memStore.getState().isUnlocked
     if (!force && this.approvedOrigins[origin] && this.caching && isUnlocked) {
-      this.approveProviderRequest(tabID)
       return
     }
     this.openPopup && this.openPopup()
   }
 
   /**
-   * Called by a tab to determine if an origin has been approved in the past
-   *
-   * @param {string} origin - Origin of the window
-   */
-  _handleIsApproved (origin, tabID) {
-    this.platform && this.platform.sendMessage({
-      action: 'answer-is-approved',
-      isApproved: this.approvedOrigins[origin] && this.caching,
-      caching: this.caching,
-    }, { id: tabID })
-  }
-
-  /**
-   * Called by a tab to determine if MetaMask is currently locked or unlocked
-   */
-  _handleIsUnlocked (tabID) {
-    const isUnlocked = this.keyringController.memStore.getState().isUnlocked
-    this.platform && this.platform.sendMessage({ action: 'answer-is-unlocked', isUnlocked }, { id: tabID })
-  }
-
-  /**
-   * Called to check privacy mode; if privacy mode is off, this will automatically enable the provider (legacy behavior)
-   */
-  _handlePrivacyRequest (tabID) {
-    const privacyMode = this.preferencesController.getFeatureFlags().privacyMode
-    if (!privacyMode) {
-      this.platform && this.platform.sendMessage({
-        action: 'approve-legacy-provider-request',
-        selectedAddress: this.publicConfigStore.getState().selectedAddress,
-      }, { id: tabID })
-      this.publicConfigStore.emit('update', this.publicConfigStore.getState())
-    }
-  }
-
-  /**
    * Called when a user approves access to a full Ethereum provider API
    *
-   * @param {string} tabID - ID of the target window that approved provider access
+   * @param {string} origin - origin of the domain that had provider access approved
    */
-  approveProviderRequest (tabID) {
+  approveProviderRequestByOrigin (origin) {
     this.closePopup && this.closePopup()
     const requests = this.store.getState().providerRequests
-    const origin = requests.find(request => request.tabID === tabID).origin
-    this.platform && this.platform.sendMessage({
-      action: 'approve-provider-request',
-      selectedAddress: this.publicConfigStore.getState().selectedAddress,
-    }, { id: tabID })
-    this.publicConfigStore.emit('update', this.publicConfigStore.getState())
-    const providerRequests = requests.filter(request => request.tabID !== tabID)
+    const providerRequests = requests.filter(request => request.origin !== origin)
     this.store.updateState({ providerRequests })
     this.approvedOrigins[origin] = true
+    this.emit(`resolvedRequest:${origin}`, { approved: true })
   }
 
   /**
    * Called when a tab rejects access to a full Ethereum provider API
    *
-   * @param {string} tabID - ID of the target window that rejected provider access
+   * @param {string} origin - origin of the domain that had provider access approved
    */
-  rejectProviderRequest (tabID) {
+  rejectProviderRequestByOrigin (origin) {
     this.closePopup && this.closePopup()
     const requests = this.store.getState().providerRequests
-    const origin = requests.find(request => request.tabID === tabID).origin
-    this.platform && this.platform.sendMessage({ action: 'reject-provider-request' }, { id: tabID })
-    const providerRequests = requests.filter(request => request.tabID !== tabID)
+    const providerRequests = requests.filter(request => request.origin !== origin)
     this.store.updateState({ providerRequests })
     delete this.approvedOrigins[origin]
+    this.emit(`resolvedRequest:${origin}`, { approved: false })
   }
 
   /**
@@ -149,16 +115,10 @@ class ProviderApprovalController {
    */
   shouldExposeAccounts (origin) {
     const privacyMode = this.preferencesController.getFeatureFlags().privacyMode
-    return !privacyMode || this.approvedOrigins[origin]
+    const result = !privacyMode || Boolean(this.approvedOrigins[origin])
+    return result
   }
 
-  /**
-   * Tells all tabs that MetaMask is now locked. This is primarily used to set
-   * internal flags in the contentscript and inpage script.
-   */
-  setLocked () {
-    this.platform.sendMessage({ action: 'metamask-set-locked' })
-  }
 }
 
 module.exports = ProviderApprovalController