Add API Key parsing for experimental APIs

content/common/experiments/api_key.h

Index: content/common/experiments/api_key.h
diff --git a/content/common/experiments/api_key.h b/content/common/experiments/api_key.h
new file mode 100644
index 0000000000000000000000000000000000000000..3f29d319be00724e802416d73b06605fb3fa3bef
--- /dev/null
+++ b/content/common/experiments/api_key.h
@@ -0,0 +1,88 @@
+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CONTENT_COMMON_EXPERIMENTS_API_KEY_H_
+#define CONTENT_COMMON_EXPERIMENTS_API_KEY_H_
+
+#include <string>
+
+#include "base/time/time.h"
+#include "content/common/content_export.h"
+#include "url/gurl.h"
+
+namespace content {
+
+// The Experimental Framework (EF) provides limited access to experimental APIs,
+// on a per-origin basis.  This class defines the API key data structure, used
+// to securely provide access to an experimental API.
+//
+// Experimental APIs are defined by string names, provided by the implementers.
+// The EF code does not maintain an enum or constant list for experiment names.
+// Instead, the EF validates the name provided by the API implementation against
+// any provided API keys.
+//
+// More documentation on the key format can be found at
+// https://docs.google.com/document/d/1v5fi0EUV_QHckVHVF2K4P72iNywnrJtNhNZ6i2NPt0M
+
+class CONTENT_EXPORT ApiKey {
+ public:
+  ~ApiKey();
+
+  // Returns a key object if the string represents a well-formed key, or
+  // nullptr otherwise. (This does not mean that the key is valid, just that it
+  // can be parsed.)
+  static scoped_ptr<ApiKey> Parse(const std::string& key_text);

[Marijn Kruisselbrink, 2016/01/05 00:59:14]

nit: explicitly include #include "base/memory/scoped_ptr.h", don't rely on
gurl.h including this for you

[iclelland, 2016/01/05 20:26:31]

Done.

+
+  // Returns true if this API is appropriate for use by the given origin, for
+  // the given API name. This does not check whether the signature is valid, or
+  // whether the key itself has expired.
+  bool IsAppropriate(const std::string& origin,
+                     const std::string& apiName) const;
+
+  // Returns true if this API key has a valid signature, and has not expired.
+  bool IsValid(const base::Time& now) const;

[Marijn Kruisselbrink, 2016/01/05 00:59:14]

(not really related to this particular line of code)
I wonder if somehow somewhere should be mentioned that no validation whatsoever
of the origin in the api key is done. Of course it doesn't matter if a key
contains a origin field which isn't a valid URL, or is a valid URL but isn't an
origin (since such a key will never match an actual origin), but it might be
surprising to somebody reading the code.
Or maybe Parse should reject keys that don't have a valid url/origin as origin
field, just as it rejects keys where the expiration timestamp is not a number.

[iclelland, 2016/01/05 20:26:31]

That's reasonable -- I've gone back and forth on that personally, but I'll add
it. And yes, we're not doing any check on whether the origin matches -- that's
more of a check to see whether the key is appropriate for use in a given
situation, and is what IsAppropriate() checks.

+
+  std::string signature() { return signature_; }
+  std::string data() { return data_; }
+  GURL origin() { return origin_; }
+  std::string api_name() { return api_name_; }
+  uint64_t expiry_timestamp() { return expiry_timestamp_; }
+
+ protected:
+  friend class ApiKeyTest;
+
+  bool ValidateOrigin(const std::string& origin) const;
+  bool ValidateApiName(const std::string& api_name) const;
+  bool ValidateDate(const base::Time& now) const;
+
+ private:
+  ApiKey(const std::string& signature,
+         const std::string& data,
+         const GURL& origin,
+         const std::string& api_name,
+         uint64_t expiry_timestamp);
+
+  // The base64-encoded-signature portion of the key. For the key to be valid,
+  // this must be a valid signature for the data portion of the key, as verified
+  // by the public key in api_key.cc.
+  std::string signature_;
+
+  // The portion of the key string which is signed, and whose signature is
+  // contained in the signature_ member.
+  std::string data_;
+
+  // The origin for which this key is valid. Must be a secure origin.
+  GURL origin_;
+
+  // The name of the API experiment which this key enables.
+  std::string api_name_;
+
+  // The time until which this key should be considered valid, in UTC, as
+  // seconds since the Unix epoch.
+  uint64_t expiry_timestamp_;
+};
+
+}  // namespace content
+
+#endif  // CONTENT_COMMON_EXPERIMENTS_API_KEY_H_