Extending the translation from ONC to Shill.

chrome/browser/chromeos/net/onc_utils.cc

Index: chrome/browser/chromeos/net/onc_utils.cc
diff --git a/chrome/browser/chromeos/net/onc_utils.cc b/chrome/browser/chromeos/net/onc_utils.cc
new file mode 100644
index 0000000000000000000000000000000000000000..dde15e1de1b429c5967f8838fb573911cf4692b4
--- /dev/null
+++ b/chrome/browser/chromeos/net/onc_utils.cc
@@ -0,0 +1,225 @@
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/chromeos/net/onc_utils.h"
+
+#include "base/values.h"
+#include "chrome/browser/chromeos/cros/network_ui_data.h"
+#include "chrome/browser/chromeos/proxy_config_service_impl.h"
+#include "chrome/browser/prefs/proxy_config_dictionary.h"
+#include "chromeos/network/onc/onc_signature.h"
+#include "chromeos/network/onc/onc_utils.h"
+#include "net/proxy/proxy_server.h"
+
+namespace chromeos {
+namespace onc {
+
+namespace {
+
+net::ProxyServer ConvertOncProxyLocationToHostPort(
+    net::ProxyServer::Scheme default_proxy_scheme,
+    const base::DictionaryValue& onc_proxy_location) {
+  std::string host;
+  onc_proxy_location.GetString(onc::proxy::kHost, &host);
+  // Parse |host| according to the format [<scheme>"://"]<server>[":"<port>].
+  net::ProxyServer proxy_server =
+      net::ProxyServer::FromURI(host, default_proxy_scheme);
+  int port = 0;
+  onc_proxy_location.GetInteger(onc::proxy::kPort, &port);

[stevenjb, 2012/12/26 21:37:00]

If onc_proxy_location.GetInteger() fails is using a port of 0 OK/expected, or do
we need to handle that differently?

[pneubeck (no reviews), 2013/01/08 13:39:44]

The port field is required by the ONC spec and the validator ensures that the
field exists.

+
+  // Replace the port parsed from |host| by the provided |port|.
+  return net::ProxyServer(
+      proxy_server.scheme(),
+      net::HostPortPair(proxy_server.host_port_pair().host(),
+                        static_cast<uint16>(port)));
+}
+
+void AppendProxyServerForScheme(
+    const base::DictionaryValue& onc_manual,
+    const std::string& onc_scheme,
+    std::string* spec) {
+  const base::DictionaryValue* onc_proxy_location = NULL;
+  if (!onc_manual.GetDictionaryWithoutPathExpansion(onc_scheme,
+                                                    &onc_proxy_location)) {
+    return;
+  }
+
+  net::ProxyServer::Scheme default_proxy_scheme = net::ProxyServer::SCHEME_HTTP;
+  std::string url_scheme;
+  if (onc_scheme == proxy::kFtp) {
+    url_scheme = "ftp";
+  } else if (onc_scheme == proxy::kHttp) {
+    url_scheme = "http";
+  } else if (onc_scheme == proxy::kHttps) {
+    url_scheme = "https";
+  } else if (onc_scheme == proxy::kSocks) {
+    default_proxy_scheme = net::ProxyServer::SCHEME_SOCKS4;
+    url_scheme = "socks";
+  } else {
+    NOTREACHED();
+  }
+
+  net::ProxyServer proxy_server = ConvertOncProxyLocationToHostPort(
+      default_proxy_scheme, *onc_proxy_location);
+
+  ProxyConfigServiceImpl::ProxyConfig::EncodeAndAppendProxyServer(
+      url_scheme, proxy_server, spec);
+}
+
+net::ProxyBypassRules ConvertOncExcludeDomainsToBypassRules(
+    const base::ListValue& onc_exclude_domains) {
+  net::ProxyBypassRules rules;
+  for (base::ListValue::const_iterator it = onc_exclude_domains.begin();
+       it != onc_exclude_domains.end(); ++it) {
+    std::string rule;
+    (*it)->GetAsString(&rule);
+    rules.AddRuleFromString(rule);
+  }
+  return rules;
+}
+
+}  // namespace
+
+scoped_ptr<base::DictionaryValue> ConvertOncProxySettingsToProxyConfig(
+    const base::DictionaryValue& onc_proxy_settings) {
+  std::string type;
+  onc_proxy_settings.GetStringWithoutPathExpansion(proxy::kType, &type);
+  scoped_ptr<DictionaryValue> proxy_dict;
+
+  if (type == proxy::kDirect) {
+    proxy_dict.reset(ProxyConfigDictionary::CreateDirect());
+  } else if (type == proxy::kWPAD) {
+    proxy_dict.reset(ProxyConfigDictionary::CreateAutoDetect());
+  } else if (type == proxy::kPAC) {
+    std::string pac_url;
+    onc_proxy_settings.GetStringWithoutPathExpansion(proxy::kPAC, &pac_url);
+    GURL url(pac_url);
+    DCHECK(url.is_valid())
+        << "PAC field is invalid for this ProxySettings.Type";
+    proxy_dict.reset(ProxyConfigDictionary::CreatePacScript(url.spec(),
+                                                            false));
+  } else if (type == proxy::kManual) {
+    const base::DictionaryValue* manual_dict = NULL;
+    onc_proxy_settings.GetDictionaryWithoutPathExpansion(proxy::kManual,
+                                                         &manual_dict);
+    std::string manual_spec;
+    AppendProxyServerForScheme(*manual_dict, proxy::kFtp, &manual_spec);
+    AppendProxyServerForScheme(*manual_dict, proxy::kHttp, &manual_spec);
+    AppendProxyServerForScheme(*manual_dict, proxy::kSocks, &manual_spec);
+    AppendProxyServerForScheme(*manual_dict, proxy::kHttps, &manual_spec);
+
+    const base::ListValue* exclude_domains = NULL;
+    net::ProxyBypassRules bypass_rules;
+    if (manual_dict->GetListWithoutPathExpansion(proxy::kExcludeDomains,
+                                                 &exclude_domains)) {
+      bypass_rules.AssignFrom(
+          ConvertOncExcludeDomainsToBypassRules(*exclude_domains));
+    }
+    proxy_dict.reset(ProxyConfigDictionary::CreateFixedServers(
+        manual_spec, bypass_rules.ToString()));
+  } else {
+    NOTREACHED();
+  }
+  return proxy_dict.Pass();
+}
+
+namespace {
+
+void TranslateClientCertType(const std::string& client_cert_type,
+                             NetworkUIData* ui_data) {
+  ClientCertType type;
+  if (client_cert_type == certificate::kNone) {
+    type = CLIENT_CERT_TYPE_NONE;
+  } else if (client_cert_type == certificate::kRef) {
+    type = CLIENT_CERT_TYPE_REF;
+  } else if (client_cert_type == certificate::kPattern) {
+    type = CLIENT_CERT_TYPE_PATTERN;
+  } else {
+    type = CLIENT_CERT_TYPE_NONE;
+    NOTREACHED();

[stevenjb, 2012/12/26 21:37:00]

This should be LOG(ERROR) if the input might be data driven; NOTREACHED will
crash on Debug builds.

[pneubeck (no reviews), 2013/01/08 13:39:44]

The else part should logically never occur as the validation ensures that the
field has a valid value.

I'd liked to remove the "type = ...NONE;" assignment but release compilation
requires that we initialize type in every case.

[stevenjb, 2013/01/08 18:38:22]

If it logically shouldn't happen, then NOTREACHED is correct (I should have
phrased my comment better)

+  }
+
+  ui_data->set_certificate_type(type);
+}
+
+void TranslateCertificatePattern(const base::DictionaryValue& onc_object,
+                                 NetworkUIData* ui_data) {
+  CertificatePattern pattern;
+  bool success = pattern.CopyFromDictionary(onc_object);
+  DCHECK(success);

[stevenjb, 2012/12/26 21:37:00]

Also LOG(ERROR) if data driven.

[pneubeck (no reviews), 2013/01/08 13:39:44]

Same as above.

You mentioned here https://codereview.chromium.org/11614035/#msg8 that we should
use LOG(ERROR) for easily recoverable errors.

However, in the cases here, our internal representation (valid ONC) would
already be broken and I don't see how we can recover anymore.

+  ui_data->set_certificate_pattern(pattern);
+}
+
+void TranslateEAP(const base::DictionaryValue& eap,
+                  NetworkUIData* ui_data) {
+  std::string client_cert_type;
+  if (eap.GetStringWithoutPathExpansion(eap::kClientCertType,
+                                        &client_cert_type)) {
+    TranslateClientCertType(client_cert_type, ui_data);
+  }
+}
+
+void TranslateIPsec(const base::DictionaryValue& ipsec,
+                    NetworkUIData* ui_data) {
+  std::string client_cert_type;
+  if (ipsec.GetStringWithoutPathExpansion(vpn::kClientCertType,
+                                          &client_cert_type)) {
+    TranslateClientCertType(client_cert_type, ui_data);
+  }
+}
+
+void TranslateOpenVPN(const base::DictionaryValue& openvpn,
+                      NetworkUIData* ui_data) {
+  std::string client_cert_type;
+  if (openvpn.GetStringWithoutPathExpansion(vpn::kClientCertType,
+                                            &client_cert_type)) {
+    TranslateClientCertType(client_cert_type, ui_data);
+  }
+}
+
+void TranslateONCHierarchy(const OncValueSignature& signature,
+                           const base::DictionaryValue& onc_object,
+                           NetworkUIData* ui_data) {
+  if (&signature == &kCertificatePatternSignature)
+    TranslateCertificatePattern(onc_object, ui_data);
+  else if (&signature == &kEAPSignature)
+    TranslateEAP(onc_object, ui_data);
+  else if (&signature == &kIPsecSignature)
+    TranslateIPsec(onc_object, ui_data);
+  else if (&signature == &kOpenVPNSignature)
+    TranslateOpenVPN(onc_object, ui_data);
+
+  // Recurse into nested objects.
+  for (base::DictionaryValue::Iterator it(onc_object); it.HasNext();
+       it.Advance()) {
+    const base::DictionaryValue* inner_object;
+    if (!it.value().GetAsDictionary(&inner_object))
+      continue;
+
+    const OncFieldSignature* field_signature =
+        GetFieldSignature(signature, it.key());
+
+    TranslateONCHierarchy(*field_signature->value_signature, *inner_object,
+                          ui_data);
+  }
+}
+
+}  // namespace
+
+scoped_ptr<base::DictionaryValue> CreateUIData(
+    ONCSource onc_source,
+    const base::DictionaryValue& onc_network) {
+  NetworkUIData ui_data;
+  TranslateONCHierarchy(kNetworkConfigurationSignature, onc_network,
+                        &ui_data);
+
+  ui_data.set_onc_source(onc_source);
+
+  scoped_ptr<base::DictionaryValue> result(new base::DictionaryValue());
+  ui_data.FillDictionary(result.get());
+  return result.Pass();
+}
+
+}  // onc
+}  // chromeos