OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/attestation/platform_verification_flow.h" | 5 #include "chrome/browser/chromeos/attestation/platform_verification_flow.h" |
6 | 6 |
7 #include <utility> | 7 #include <utility> |
8 | 8 |
9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
10 #include "base/logging.h" | 10 #include "base/logging.h" |
11 #include "base/macros.h" | 11 #include "base/macros.h" |
12 #include "base/message_loop/message_loop.h" | 12 #include "base/message_loop/message_loop.h" |
13 #include "base/metrics/histogram.h" | 13 #include "base/metrics/histogram.h" |
14 #include "base/time/time.h" | 14 #include "base/time/time.h" |
15 #include "base/timer/timer.h" | 15 #include "base/timer/timer.h" |
16 #include "chrome/browser/chromeos/attestation/attestation_ca_client.h" | 16 #include "chrome/browser/chromeos/attestation/attestation_ca_client.h" |
17 #include "chrome/browser/chromeos/attestation/attestation_signed_data.pb.h" | 17 #include "chrome/browser/chromeos/attestation/attestation_signed_data.pb.h" |
18 #include "chrome/browser/chromeos/profiles/profile_helper.h" | 18 #include "chrome/browser/chromeos/profiles/profile_helper.h" |
19 #include "chrome/browser/chromeos/settings/cros_settings.h" | 19 #include "chrome/browser/chromeos/settings/cros_settings.h" |
20 #include "chrome/browser/media/protected_media_identifier_permission_context.h" | 20 #include "chrome/browser/permissions/permission_manager.h" |
21 #include "chrome/browser/media/protected_media_identifier_permission_context_fac
tory.h" | |
22 #include "chrome/browser/profiles/profile.h" | 21 #include "chrome/browser/profiles/profile.h" |
23 #include "chromeos/attestation/attestation_flow.h" | 22 #include "chromeos/attestation/attestation_flow.h" |
24 #include "chromeos/chromeos_switches.h" | 23 #include "chromeos/chromeos_switches.h" |
25 #include "chromeos/cryptohome/async_method_caller.h" | 24 #include "chromeos/cryptohome/async_method_caller.h" |
26 #include "chromeos/cryptohome/cryptohome_parameters.h" | 25 #include "chromeos/cryptohome/cryptohome_parameters.h" |
27 #include "chromeos/dbus/cryptohome_client.h" | 26 #include "chromeos/dbus/cryptohome_client.h" |
28 #include "chromeos/dbus/dbus_thread_manager.h" | 27 #include "chromeos/dbus/dbus_thread_manager.h" |
29 #include "components/content_settings/core/browser/host_content_settings_map.h" | 28 #include "components/content_settings/core/browser/host_content_settings_map.h" |
30 #include "components/content_settings/core/common/content_settings_pattern.h" | 29 #include "components/content_settings/core/common/content_settings_pattern.h" |
31 #include "components/user_manager/user.h" | 30 #include "components/user_manager/user.h" |
32 #include "content/public/browser/browser_context.h" | 31 #include "content/public/browser/browser_context.h" |
33 #include "content/public/browser/browser_thread.h" | 32 #include "content/public/browser/browser_thread.h" |
| 33 #include "content/public/browser/permission_type.h" |
34 #include "content/public/browser/render_process_host.h" | 34 #include "content/public/browser/render_process_host.h" |
35 #include "content/public/browser/render_view_host.h" | 35 #include "content/public/browser/render_view_host.h" |
36 #include "content/public/browser/user_metrics.h" | 36 #include "content/public/browser/user_metrics.h" |
37 #include "content/public/browser/web_contents.h" | 37 #include "content/public/browser/web_contents.h" |
38 #include "content/public/common/url_constants.h" | 38 #include "content/public/common/url_constants.h" |
39 #include "net/cert/pem_tokenizer.h" | 39 #include "net/cert/pem_tokenizer.h" |
40 #include "net/cert/x509_certificate.h" | 40 #include "net/cert/x509_certificate.h" |
| 41 #include "third_party/WebKit/public/platform/modules/permissions/permission_stat
us.mojom.h" |
41 | 42 |
42 namespace { | 43 namespace { |
43 | 44 |
44 using chromeos::attestation::PlatformVerificationFlow; | 45 using chromeos::attestation::PlatformVerificationFlow; |
45 | 46 |
46 const int kTimeoutInSeconds = 8; | 47 const int kTimeoutInSeconds = 8; |
47 const char kAttestationResultHistogram[] = | 48 const char kAttestationResultHistogram[] = |
48 "ChromeOS.PlatformVerification.Result"; | 49 "ChromeOS.PlatformVerification.Result"; |
49 const char kAttestationAvailableHistogram[] = | 50 const char kAttestationAvailableHistogram[] = |
50 "ChromeOS.PlatformVerification.Available"; | 51 "ChromeOS.PlatformVerification.Available"; |
(...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
98 return url; | 99 return url; |
99 } | 100 } |
100 | 101 |
101 const user_manager::User* GetUser( | 102 const user_manager::User* GetUser( |
102 content::WebContents* web_contents) override { | 103 content::WebContents* web_contents) override { |
103 return ProfileHelper::Get()->GetUserByProfile( | 104 return ProfileHelper::Get()->GetUserByProfile( |
104 Profile::FromBrowserContext(web_contents->GetBrowserContext())); | 105 Profile::FromBrowserContext(web_contents->GetBrowserContext())); |
105 } | 106 } |
106 | 107 |
107 bool IsPermittedByUser(content::WebContents* web_contents) override { | 108 bool IsPermittedByUser(content::WebContents* web_contents) override { |
108 ProtectedMediaIdentifierPermissionContext* permission_context = | |
109 ProtectedMediaIdentifierPermissionContextFactory::GetForProfile( | |
110 Profile::FromBrowserContext(web_contents->GetBrowserContext())); | |
111 | |
112 // TODO(xhwang): Using delegate_->GetURL() here is not right. The platform | 109 // TODO(xhwang): Using delegate_->GetURL() here is not right. The platform |
113 // verification may be requested by a frame from a different origin. This | 110 // verification may be requested by a frame from a different origin. This |
114 // will be solved when http://crbug.com/454847 is fixed. | 111 // will be solved when http://crbug.com/454847 is fixed. |
115 const GURL& requesting_origin = GetURL(web_contents).GetOrigin(); | 112 const GURL& requesting_origin = GetURL(web_contents).GetOrigin(); |
116 | 113 |
117 GURL embedding_origin = web_contents->GetLastCommittedURL().GetOrigin(); | 114 GURL embedding_origin = web_contents->GetLastCommittedURL().GetOrigin(); |
| 115 blink::mojom::PermissionStatus status = |
| 116 PermissionManager::Get( |
| 117 Profile::FromBrowserContext(web_contents->GetBrowserContext())) |
| 118 ->GetPermissionStatus( |
| 119 content::PermissionType::PROTECTED_MEDIA_IDENTIFIER, |
| 120 requesting_origin, embedding_origin); |
118 | 121 |
119 ContentSetting content_setting = permission_context->GetPermissionStatus( | 122 return status == blink::mojom::PermissionStatus::GRANTED; |
120 requesting_origin, embedding_origin); | |
121 | |
122 return content_setting == CONTENT_SETTING_ALLOW; | |
123 } | 123 } |
124 | 124 |
125 bool IsInSupportedMode(content::WebContents* web_contents) override { | 125 bool IsInSupportedMode(content::WebContents* web_contents) override { |
126 Profile* profile = | 126 Profile* profile = |
127 Profile::FromBrowserContext(web_contents->GetBrowserContext()); | 127 Profile::FromBrowserContext(web_contents->GetBrowserContext()); |
128 if (profile->IsOffTheRecord() || profile->IsGuestSession()) | 128 if (profile->IsOffTheRecord() || profile->IsGuestSession()) |
129 return false; | 129 return false; |
130 | 130 |
131 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess(); | 131 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess(); |
132 return !command_line->HasSwitch(chromeos::switches::kSystemDevMode) || | 132 return !command_line->HasSwitch(chromeos::switches::kSystemDevMode) || |
(...skipping 289 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
422 if (!operation_success) { | 422 if (!operation_success) { |
423 LOG(WARNING) << "PlatformVerificationFlow: Failed to renew platform " | 423 LOG(WARNING) << "PlatformVerificationFlow: Failed to renew platform " |
424 "certificate."; | 424 "certificate."; |
425 return; | 425 return; |
426 } | 426 } |
427 VLOG(1) << "Certificate successfully renewed."; | 427 VLOG(1) << "Certificate successfully renewed."; |
428 } | 428 } |
429 | 429 |
430 } // namespace attestation | 430 } // namespace attestation |
431 } // namespace chromeos | 431 } // namespace chromeos |
OLD | NEW |