Timeout if website never completes the transaction.

third_party/WebKit/Source/modules/payments/PaymentRequest.cpp

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "modules/payments/PaymentRequest.h"
 
 #include "bindings/core/v8/ExceptionState.h"
 #include "bindings/core/v8/JSONValuesForV8.h"
 #include "bindings/core/v8/ScriptPromiseResolver.h"
 #include "bindings/core/v8/ScriptState.h"
@@ skipping 141 matching lines @@
         }
         return output;
     }
 };
 
 } // namespace mojo
 
 namespace blink {
 namespace {
 
+// If the website does not call complete() 60 seconds after show() has been resolved, then behave as if
+// the website called complete("fail").
+static const int completeTimeoutSeconds = 60;
+
 // Validates ShippingOption or PaymentItem, which happen to have identical fields,
 // except for "id", which is present only in ShippingOption.
 template <typename T>
 void validateShippingOptionOrPaymentItem(const T& item, ExceptionState& exceptionState)
 {
     if (!item.hasLabel() || item.label().isEmpty()) {
         exceptionState.throwTypeError("Item label required");
         return;
     }
 
@@ skipping 239 matching lines @@
 ExecutionContext* PaymentRequest::getExecutionContext() const
 {
     return ContextLifecycleObserver::getExecutionContext();
 }
 
 ScriptPromise PaymentRequest::complete(ScriptState* scriptState, PaymentComplete result)
 {
     if (m_completeResolver)
         return ScriptPromise::rejectWithDOMException(scriptState, DOMException::create(InvalidStateError, "Already called complete() once"));
 
+    if (!m_completeTimer.isActive())
+        return ScriptPromise::rejectWithDOMException(scriptState, DOMException::create(InvalidStateError, "Timed out after 60 seconds, complete() called too late"));
+
     // User has cancelled the transaction while the website was processing it.
     if (!m_paymentProvider)
         return ScriptPromise::rejectWithDOMException(scriptState, DOMException::create(InvalidStateError, "Request cancelled"));
 
+    m_completeTimer.stop();
+
     // The payment provider should respond in PaymentRequest::OnComplete().
     m_paymentProvider->Complete(mojom::blink::PaymentComplete(result));
 
     m_completeResolver = ScriptPromiseResolver::create(scriptState);
     return m_completeResolver->promise();
 }
 
 void PaymentRequest::onUpdatePaymentDetails(const ScriptValue& detailsScriptValue)
 {
     if (!m_showResolver || !m_paymentProvider)
@@ skipping 35 matching lines @@
     visitor->trace(m_details);
     visitor->trace(m_options);
     visitor->trace(m_shippingAddress);
     visitor->trace(m_showResolver);
     visitor->trace(m_completeResolver);
     visitor->trace(m_abortResolver);
     EventTargetWithInlineData::trace(visitor);
     ContextLifecycleObserver::trace(visitor);
 }
 
+void PaymentRequest::onTimerFired(TimerBase*)
+{
+    m_completeTimer.stop();
+    m_paymentProvider->Complete(mojom::blink::PaymentComplete(Fail));
+    clearResolversAndCloseMojoConnection();
+}
+
 PaymentRequest::PaymentRequest(ScriptState* scriptState, const HeapVector<PaymentMethodData>& methodData, const PaymentDetails& details, const PaymentOptions& options, ExceptionState& exceptionState)
     : ContextLifecycleObserver(scriptState->getExecutionContext())
     , ActiveScriptWrappable(this)
     , m_options(options)
     , m_clientBinding(this)
+    , m_completeTimer(this, &PaymentRequest::onTimerFired)
 {
     validateAndConvertPaymentMethodData(methodData, &m_methodData, exceptionState);
     if (exceptionState.hadException())
         return;
 
     if (!scriptState->getExecutionContext()->isSecureContext()) {
         exceptionState.throwSecurityError("Must be in a secure context");
         return;
     }
 
@@ skipping 52 matching lines @@
     event->setPaymentDetailsUpdater(this);
     bool success = getExecutionContext()->getEventQueue()->enqueueEvent(event);
     DCHECK(success);
     ALLOW_UNUSED_LOCAL(success);
 }
 
 void PaymentRequest::OnPaymentResponse(mojom::blink::PaymentResponsePtr response)
 {
     DCHECK(m_showResolver);
     DCHECK(!m_completeResolver);
+    DCHECK(!m_completeTimer.isActive());
 
     if (m_options.requestShipping()) {
         if (!response->shipping_address || response->shipping_option.isEmpty()) {
             m_showResolver->reject(DOMException::create(SyntaxError));
             clearResolversAndCloseMojoConnection();
             return;
         }
 
         String errorMessage;
         if (!PaymentsValidators::isValidShippingAddress(response->shipping_address, &errorMessage)) {
@@ skipping 14 matching lines @@
 
     if ((m_options.requestPayerEmail() && response->payer_email.isEmpty())
         || (m_options.requestPayerPhone() && response->payer_phone.isEmpty())
         || (!m_options.requestPayerEmail() && !response->payer_email.isNull())
         || (!m_options.requestPayerPhone() && !response->payer_phone.isNull())) {
         m_showResolver->reject(DOMException::create(SyntaxError));
         clearResolversAndCloseMojoConnection();
         return;
     }
 
+    m_completeTimer.startOneShot(completeTimeoutSeconds, BLINK_FROM_HERE);
+
     m_showResolver->resolve(new PaymentResponse(std::move(response), this));
 
     // Do not close the mojo connection here. The merchant website should call
-    // PaymentResponse::complete(boolean), which will be forwarded over the mojo
+    // PaymentResponse::complete(String), which will be forwarded over the mojo
     // connection to display a success or failure message to the user.
     m_showResolver.clear();
 }
 
 void PaymentRequest::OnError(mojo::PaymentErrorReason error)
 {
     bool isError = false;
     ExceptionCode ec = UnknownError;
     String message;
 
@@ skipping 65 matching lines @@
 {
     m_completeResolver.clear();
     m_showResolver.clear();
     m_abortResolver.clear();
     if (m_clientBinding.is_bound())
         m_clientBinding.Close();
     m_paymentProvider.reset();
 }
 
 } // namespace blink