Add API Key parsing for experimental APIs

third_party/WebKit/Source/core/experiments/APIKey.cpp

Index: third_party/WebKit/Source/core/experiments/APIKey.cpp
diff --git a/third_party/WebKit/Source/core/experiments/APIKey.cpp b/third_party/WebKit/Source/core/experiments/APIKey.cpp
new file mode 100644
index 0000000000000000000000000000000000000000..30299a594a0e2341ef9a7a3aac1cf80d1020f346
--- /dev/null
+++ b/third_party/WebKit/Source/core/experiments/APIKey.cpp
@@ -0,0 +1,89 @@
+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "config.h"
+#include "core/experiments/APIKey.h"
+
+#include "core/dom/ElementTraversal.h"
+#include "core/dom/ExceptionCode.h"
+#include "core/frame/LocalDOMWindow.h"
+#include "core/html/HTMLHeadElement.h"
+#include "core/html/HTMLMetaElement.h"
+#include "platform/RuntimeEnabledFeatures.h"
+#include "platform/weborigin/SecurityOrigin.h"
+
+#include <string>
+
+namespace blink {
+
+PassRefPtrWillBeRawPtr<APIKey> APIKey::parse(const String& keyText)
+{
+    if (keyText.isEmpty()) {
+        return nullptr;
+    }
+
+    // API Key should resemble:
+    // signature:origin:apiName:expiry
+    Vector<String> parts;
+    keyText.split('|', parts);
+    if (parts.size() != 4) {

[chasej, 2015/12/15 19:43:41]

Combined with the expiry integer check, this will implicitly validate that the
API name doesn't contain the pipe character (i.e. either size != 4, or expiry
will likely not be a valid integer). However, I think it would be better if the
code was more explicit about validating the api name.

This also raises the question of whether there should two different delimiters.
The first to separate signature vs data, the second to separate
origin:name:expiry within the data. As is, validation failures would be
ambiguous. Maybe it doesn't matter with this implementation for parse(), as any
validation failure returns null, without explanation.

[iclelland, 2015/12/16 17:04:37]

Acknowledged. For now, I've gone with the simplest approach, of just splitting
and accepting that if the API name isn't something valid, it will never pass any
tests made by the browser -- we're never going to look for that invalid string.

+        return nullptr;
+    }
+
+    const String& signature = parts[0];
+    const String& originText = parts[1];
+    const String& apiName = parts[2];
+    const String& expiryText = parts[3];
+
+    // Expiry field must be an integer
+    bool expiryIsValid = false;
+    uint64_t expiry = expiryText.toUInt64Strict(&expiryIsValid);
+    if (!expiryIsValid) {
+        return nullptr;
+    }
+
+    // Origin field must be a valid URL
+    KURL origin = KURL(KURL(), originText);
+    if (!origin.isValid()) {
+        return nullptr;
+    }
+
+    return adoptRefWillBeNoop(new APIKey(signature, origin, apiName, expiry));
+}
+
+APIKey::APIKey(const String& signature, const KURL& origin, const String& apiName, uint64_t expiry)
+    : m_signature(signature)
+    , m_origin(origin)
+    , m_apiName(apiName)
+    , m_expiry(expiry)
+{
+}
+
+bool APIKey::isValidNowForOrigin(const String& origin, const String& apiName, uint64_t now) const
+{
+    return validateOrigin(origin)
+        && validateApiName(apiName)
+        && validateDate(now);
+}
+
+bool APIKey::validateOrigin(const String& originText) const
+{
+    KURL origin = KURL(KURL(), originText);
+    if (!origin.isValid()) {
+        return false;
+    }
+    return origin == m_origin;
+}
+
+bool APIKey::validateApiName(const String& apiName) const
+{
+    return equalIgnoringCase(m_apiName, apiName);
+}
+
+bool APIKey::validateDate(uint64_t now) const
+{
+    return m_expiry > now;
+}
+
+} // namespace blink