| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "chrome/browser/autofill/wallet/encryption_escrow_client.h" | |
| 6 | |
| 7 #include "base/logging.h" | |
| 8 #include "base/memory/scoped_ptr.h" | |
| 9 #include "base/string_number_conversions.h" | |
| 10 #include "base/stringprintf.h" | |
| 11 #include "base/strings/string_split.h" | |
| 12 #include "base/utf_string_conversions.h" | |
| 13 #include "chrome/browser/autofill/wallet/encryption_escrow_client_observer.h" | |
| 14 #include "chrome/browser/autofill/wallet/instrument.h" | |
| 15 #include "chrome/browser/autofill/wallet/wallet_service_url.h" | |
| 16 #include "googleurl/src/gurl.h" | |
| 17 #include "net/base/escape.h" | |
| 18 #include "net/http/http_status_code.h" | |
| 19 #include "net/url_request/url_fetcher.h" | |
| 20 #include "net/url_request/url_request_context_getter.h" | |
| 21 | |
| 22 namespace { | |
| 23 | |
| 24 const char kEncryptOtpBodyFormat[] = "cvv=%s:%s"; | |
| 25 const char kEscrowInstrumentInformationFormat[] = "gid=%s&cardNumber=%s&cvv=%s"; | |
| 26 const char kEscrowCardVerficationNumberFormat[] = "gid=%s&cvv=%s"; | |
| 27 const char kApplicationMimeType[] = "application/x-www-form-urlencoded"; | |
| 28 | |
| 29 // The maximum number of bits in the one time pad that the server is willing to | |
| 30 // accept. | |
| 31 const size_t kMaxBits = 56; | |
| 32 | |
| 33 // The minimum number of bits in the one time pad that the server is willing to | |
| 34 // accept. | |
| 35 const size_t kMinBits = 40; | |
| 36 | |
| 37 } // anonymous namespace | |
| 38 | |
| 39 namespace autofill { | |
| 40 namespace wallet { | |
| 41 | |
| 42 EncryptionEscrowClient::EncryptionEscrowClient( | |
| 43 net::URLRequestContextGetter* context_getter) | |
| 44 : context_getter_(context_getter), | |
| 45 request_type_(NO_PENDING_REQUEST) { | |
| 46 DCHECK(context_getter); | |
| 47 } | |
| 48 | |
| 49 EncryptionEscrowClient::~EncryptionEscrowClient() {} | |
| 50 | |
| 51 void EncryptionEscrowClient::EncryptOneTimePad( | |
| 52 const std::vector<uint8>& one_time_pad, | |
| 53 base::WeakPtr<EncryptionEscrowClientObserver> observer) { | |
| 54 DCHECK_EQ(NO_PENDING_REQUEST, request_type_); | |
| 55 size_t num_bits = one_time_pad.size() * 8; | |
| 56 DCHECK_LE(num_bits, kMaxBits); | |
| 57 DCHECK_GE(num_bits, kMinBits); | |
| 58 | |
| 59 request_type_ = ENCRYPT_ONE_TIME_PAD; | |
| 60 | |
| 61 std::string post_body = StringPrintf( | |
| 62 kEncryptOtpBodyFormat, | |
| 63 base::HexEncode(&num_bits, 1).c_str(), | |
| 64 base::HexEncode(&(one_time_pad[0]), one_time_pad.size()).c_str()); | |
| 65 | |
| 66 MakeRequest(GetEncryptionUrl(), post_body, observer); | |
| 67 } | |
| 68 | |
| 69 void EncryptionEscrowClient::EscrowInstrumentInformation( | |
| 70 const Instrument& new_instrument, | |
| 71 const std::string& obfuscated_gaia_id, | |
| 72 base::WeakPtr<EncryptionEscrowClientObserver> observer) { | |
| 73 DCHECK_EQ(NO_PENDING_REQUEST, request_type_); | |
| 74 request_type_ = ESCROW_INSTRUMENT_INFORMATION; | |
| 75 | |
| 76 const std::string& primary_account_number = | |
| 77 net::EscapeUrlEncodedData( | |
| 78 UTF16ToUTF8(new_instrument.primary_account_number()), true); | |
| 79 const std::string& card_verification_number = | |
| 80 net::EscapeUrlEncodedData( | |
| 81 UTF16ToUTF8(new_instrument.card_verification_number()), true); | |
| 82 | |
| 83 std::string post_body = StringPrintf( | |
| 84 kEscrowInstrumentInformationFormat, | |
| 85 obfuscated_gaia_id.c_str(), | |
| 86 primary_account_number.c_str(), | |
| 87 card_verification_number.c_str()); | |
| 88 | |
| 89 MakeRequest(GetEscrowUrl(), post_body, observer); | |
| 90 } | |
| 91 | |
| 92 void EncryptionEscrowClient::EscrowCardVerificationNumber( | |
| 93 const std::string& card_verification_number, | |
| 94 const std::string& obfuscated_gaia_id, | |
| 95 base::WeakPtr<EncryptionEscrowClientObserver> observer) { | |
| 96 DCHECK_EQ(NO_PENDING_REQUEST, request_type_); | |
| 97 request_type_ = ESCROW_CARD_VERIFICATION_NUMBER; | |
| 98 | |
| 99 std::string post_body = StringPrintf( | |
| 100 kEscrowCardVerficationNumberFormat, | |
| 101 obfuscated_gaia_id.c_str(), | |
| 102 card_verification_number.c_str()); | |
| 103 | |
| 104 MakeRequest(GetEscrowUrl(), post_body, observer); | |
| 105 } | |
| 106 | |
| 107 void EncryptionEscrowClient::MakeRequest( | |
| 108 const GURL& url, | |
| 109 const std::string& post_body, | |
| 110 base::WeakPtr<EncryptionEscrowClientObserver> observer) { | |
| 111 DCHECK(!request_.get()); | |
| 112 DCHECK(observer); | |
| 113 | |
| 114 observer_ = observer; | |
| 115 | |
| 116 request_.reset(net::URLFetcher::Create( | |
| 117 1, url, net::URLFetcher::POST, this)); | |
| 118 request_->SetRequestContext(context_getter_); | |
| 119 DVLOG(1) << "url=" << url << ", post_body=" << post_body; | |
| 120 request_->SetUploadData(kApplicationMimeType, post_body); | |
| 121 request_->Start(); | |
| 122 } | |
| 123 | |
| 124 // TODO(ahutter): Add manual retry logic if it's necessary. | |
| 125 void EncryptionEscrowClient::OnURLFetchComplete( | |
| 126 const net::URLFetcher* source) { | |
| 127 scoped_ptr<net::URLFetcher> old_request = request_.Pass(); | |
| 128 DCHECK_EQ(source, old_request.get()); | |
| 129 | |
| 130 DVLOG(1) << "Got response from " << source->GetOriginalURL(); | |
| 131 | |
| 132 RequestType type = request_type_; | |
| 133 request_type_ = NO_PENDING_REQUEST; | |
| 134 | |
| 135 std::string data; | |
| 136 source->GetResponseAsString(&data); | |
| 137 DVLOG(1) << "Response body: " << data; | |
| 138 | |
| 139 if (source->GetResponseCode() != net::HTTP_OK) { | |
| 140 observer_->OnNetworkError(source->GetResponseCode()); | |
| 141 return; | |
| 142 } | |
| 143 | |
| 144 if (data.empty()) { | |
| 145 HandleMalformedResponse(old_request.get()); | |
| 146 return; | |
| 147 } | |
| 148 | |
| 149 switch (type) { | |
| 150 case ENCRYPT_ONE_TIME_PAD: { | |
| 151 std::vector<std::string> splits; | |
| 152 // The response from the server should be formatted as | |
| 153 // "<session material>|<encrypted one time pad>". | |
| 154 base::SplitString(data, '|', &splits); | |
| 155 if (splits.size() == 2) { | |
| 156 if (observer_) | |
| 157 observer_->OnDidEncryptOneTimePad(splits[1], splits[0]); | |
| 158 } else { | |
| 159 HandleMalformedResponse(old_request.get()); | |
| 160 } | |
| 161 break; | |
| 162 } | |
| 163 | |
| 164 case ESCROW_INSTRUMENT_INFORMATION: | |
| 165 if (observer_) | |
| 166 observer_->OnDidEscrowInstrumentInformation(data); | |
| 167 break; | |
| 168 | |
| 169 case ESCROW_CARD_VERIFICATION_NUMBER: | |
| 170 if (observer_) | |
| 171 observer_->OnDidEscrowCardVerificationNumber(data); | |
| 172 break; | |
| 173 | |
| 174 case NO_PENDING_REQUEST: | |
| 175 NOTREACHED(); | |
| 176 } | |
| 177 } | |
| 178 | |
| 179 void EncryptionEscrowClient::HandleMalformedResponse(net::URLFetcher* request) { | |
| 180 // Called to inform exponential backoff logic of the error. | |
| 181 request->ReceivedContentWasMalformed(); | |
| 182 if (observer_) | |
| 183 observer_->OnMalformedResponse(); | |
| 184 } | |
| 185 | |
| 186 } // namespace wallet | |
| 187 } // namespace autofill | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12434004:
Move remaining Autofill code to //components/autofill. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src