Factor out authorization from AudioRendererHost.

content/browser/renderer_host/media/audio_output_authorization_handler.cc

Index: content/browser/renderer_host/media/audio_output_authorization_handler.cc
diff --git a/content/browser/renderer_host/media/audio_output_authorization_handler.cc b/content/browser/renderer_host/media/audio_output_authorization_handler.cc
new file mode 100644
index 0000000000000000000000000000000000000000..ccfe0b348043c3febff714a0c8e861a991ca187d
--- /dev/null
+++ b/content/browser/renderer_host/media/audio_output_authorization_handler.cc
@@ -0,0 +1,223 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "content/browser/renderer_host/media/audio_output_authorization_handler.h"
+
+#include "base/task_runner_util.h"
+#include "content/browser/bad_message.h"
+#include "content/browser/renderer_host/media/audio_input_device_manager.h"
+#include "content/public/browser/browser_thread.h"
+#include "content/public/browser/media_device_id.h"
+#include "media/base/limits.h"
+
+namespace {
+
+bool IsValidDeviceId(const std::string& device_id) {
+  static const std::string::size_type kValidLength = 64;

[DaleCurtis, 2016/11/01 22:01:13]

No need for static const? Just use constexpr? Seems like this should actually be
a property of the HMAC generation code.

[Max Morin, 2016/11/02 11:47:06]

I was lazy and just moved this code over from ARH, but it doesn't belong here at
all. I'll put it in media_device_id and media_stream_manager with the other
hashing-related functions.

+
+  if (media::AudioDeviceDescription::IsDefaultDevice(device_id) ||
+      device_id == media::AudioDeviceDescription::kCommunicationsDeviceId) {
+    return true;
+  }
+
+  if (device_id.length() != kValidLength)
+    return false;
+
+  for (const char& c : device_id) {
+    if ((c < 'a' || c > 'f') && (c < '0' || c > '9'))
+      return false;
+  }
+
+  return true;
+}
+
+void MaybeFixAudioParameters(media::AudioParameters* params) {
+  // If the number of output channels is greater than the maximum, use the
+  // maximum allowed value. Hardware channels are ignored upstream, so it is
+  // better to report a valid value if this is the only problem.
+  if (params->channels() > media::limits::kMaxChannels)

[DaleCurtis, 2016/11/01 22:01:13]

Probably this should DCHECK that the channel layout is actually discrete in this
case.

[Max Morin, 2016/11/02 11:47:06]

Done.

+    params->set_channels_for_discrete(media::limits::kMaxChannels);
+
+  // If hardware parameters are still invalid, use dummy parameters with
+  // fake audio path and let the client handle the error.
+  if (!params->IsValid())
+    *params = media::AudioParameters::UnavailableDeviceParams();
+}
+
+media::AudioParameters GetDeviceParametersOnDeviceThread(
+    const std::string& unique_id) {
+  media::AudioManager* audio_manager = media::AudioManager::Get();
+  DCHECK(audio_manager->GetTaskRunner()->BelongsToCurrentThread());
+
+  if (media::AudioDeviceDescription::IsDefaultDevice(unique_id))

[DaleCurtis, 2016/11/01 22:01:13]

Prefer ternary? Up to you though.

[Max Morin, 2016/11/02 11:47:06]

Done.

+    return audio_manager->GetDefaultOutputStreamParameters();
+  return audio_manager->GetOutputStreamParameters(unique_id);
+}
+
+}  // namespace
+
+namespace content {
+
+AudioOutputAuthorizationHandler::AudioOutputAuthorizationHandler(
+    MediaStreamManager* media_stream_manager,
+    int render_process_id,
+    const std::string& salt)
+    : media_stream_manager_(media_stream_manager),
+      render_process_id_(render_process_id),
+      salt_(salt),
+      weak_factory_(this) {
+  DCHECK(media_stream_manager_);
+}
+
+AudioOutputAuthorizationHandler::~AudioOutputAuthorizationHandler() = default;
+
+void AudioOutputAuthorizationHandler::RequestDeviceAuthorization(
+    int render_frame_id,
+    int session_id,
+    const std::string& device_id,
+    const url::Origin& security_origin,
+    AuthorizationCompletedCallback cb) {
+  DCHECK_CURRENTLY_ON(BrowserThread::IO);
+
+  if (!IsValidDeviceId(device_id)) {

[DaleCurtis, 2016/11/01 22:01:13]

Seems like this should be BadMessage?

[Max Morin, 2016/11/02 11:47:06]

Done.

+    cb.Run(media::OUTPUT_DEVICE_STATUS_ERROR_NOT_FOUND,
+           media::AudioParameters::UnavailableDeviceParams(), std::string());
+    return;
+  }
+
+  // If |session_id| should be used for output device selection and such output
+  // device is found, reuse the input device permissions.
+  if (media::AudioDeviceDescription::UseSessionIdToSelectDevice(session_id,
+                                                                device_id)) {
+    const StreamDeviceInfo* info =
+        media_stream_manager_->audio_input_device_manager()
+            ->GetOpenedDeviceInfoById(session_id);
+    if (info) {
+      media::AudioParameters output_params(
+          media::AudioParameters::AUDIO_PCM_LOW_LATENCY,
+          static_cast<media::ChannelLayout>(
+              info->device.matched_output.channel_layout),
+          info->device.matched_output.sample_rate, 16,
+          info->device.matched_output.frames_per_buffer);
+      output_params.set_effects(info->device.matched_output.effects);
+      MaybeFixAudioParameters(&output_params);
+
+      cb.Run(media::OUTPUT_DEVICE_STATUS_OK, std::move(output_params),
+             GetHMACForMediaDeviceID(salt_, security_origin,
+                                     info->device.matched_output_device_id));
+      return;
+    }
+  }
+
+  CheckOutputDeviceAccess(std::move(cb), render_frame_id, device_id,
+                          security_origin);
+}
+
+void AudioOutputAuthorizationHandler::CheckOutputDeviceAccess(
+    AuthorizationCompletedCallback cb,
+    int render_frame_id,
+    const std::string& device_id,
+    const url::Origin& security_origin) {
+  DCHECK_CURRENTLY_ON(BrowserThread::IO);
+
+  // Check security origin if nondefault device is requested.
+  // Ignore check for default device, which is always authorized.
+  if (!media::AudioDeviceDescription::IsDefaultDevice(device_id) &&
+      !MediaStreamManager::IsOriginAllowed(render_process_id_,
+                                           security_origin)) {
+    bad_message::ReceivedBadMessage(render_process_id_,
+                                    bad_message::ARH_UNAUTHORIZED_URL);
+    return;
+  }
+
+  if (media::AudioDeviceDescription::IsDefaultDevice(device_id)) {
+    AccessChecked(std::move(cb), device_id, security_origin, true);
+  } else {
+    // Check that MediaStream device permissions have been granted for
+    // nondefault devices.
+    permission_checker_.CheckPermission(

[DaleCurtis, 2016/11/01 22:01:13]

How does this interplay with the device authorization timeout on Windows/OSX? It
seems like this is blocking for user permission which may result in hanging the
render thread. +olka.

[Guido Urdaneta, 2016/11/01 22:08:17]

This introduces some delay with nondefault devices, but it does not block
waiting for user input.
CheckPermission only checks if permission has already been granted but does not
prompt the user.

+        MEDIA_DEVICE_TYPE_AUDIO_OUTPUT, render_process_id_, render_frame_id,
+        security_origin,
+        base::Bind(&AudioOutputAuthorizationHandler::AccessChecked,
+                   weak_factory_.GetWeakPtr(), std::move(cb), device_id,
+                   security_origin));
+  }
+}
+
+void AudioOutputAuthorizationHandler::AccessChecked(
+    AuthorizationCompletedCallback cb,
+    const std::string& device_id,
+    const url::Origin& security_origin,
+    bool have_access) {
+  DCHECK_CURRENTLY_ON(BrowserThread::IO);
+
+  if (!have_access) {
+    cb.Run(media::OUTPUT_DEVICE_STATUS_ERROR_NOT_AUTHORIZED,
+           media::AudioParameters::UnavailableDeviceParams(), std::string());
+    return;
+  }
+
+  // For default device, read output parameters directly. Nondefault devices
+  // require translation first.
+  if (media::AudioDeviceDescription::IsDefaultDevice(device_id)) {
+    base::PostTaskAndReplyWithResult(
+        media::AudioManager::Get()->GetTaskRunner(), FROM_HERE,
+        base::Bind(&GetDeviceParametersOnDeviceThread,
+                   media::AudioDeviceDescription::kDefaultDeviceId),
+        base::Bind(&AudioOutputAuthorizationHandler::DeviceParametersReceived,
+                   weak_factory_.GetWeakPtr(), std::move(cb), true,
+                   media::AudioDeviceDescription::kDefaultDeviceId));
+  } else {
+    MediaDevicesManager::BoolDeviceTypes devices_to_enumerate;
+    devices_to_enumerate[MEDIA_DEVICE_TYPE_AUDIO_OUTPUT] = true;
+    media_stream_manager_->media_devices_manager()->EnumerateDevices(
+        devices_to_enumerate,
+        base::Bind(&AudioOutputAuthorizationHandler::TranslateDeviceID,
+                   weak_factory_.GetWeakPtr(), std::move(cb), device_id,
+                   security_origin));
+  }
+}
+
+void AudioOutputAuthorizationHandler::TranslateDeviceID(
+    AuthorizationCompletedCallback cb,
+    const std::string& device_id,
+    const url::Origin& security_origin,
+    const MediaDeviceEnumeration& enumeration) {
+  DCHECK_CURRENTLY_ON(BrowserThread::IO);
+  DCHECK(!media::AudioDeviceDescription::IsDefaultDevice(device_id));
+  for (const MediaDeviceInfo& device_info :
+       enumeration[MEDIA_DEVICE_TYPE_AUDIO_OUTPUT]) {
+    if (content::DoesMediaDeviceIDMatchHMAC(salt_, security_origin, device_id,
+                                            device_info.device_id)) {
+      base::PostTaskAndReplyWithResult(
+          media::AudioManager::Get()->GetTaskRunner(), FROM_HERE,
+          base::Bind(&GetDeviceParametersOnDeviceThread, device_info.device_id),
+          base::Bind(&AudioOutputAuthorizationHandler::DeviceParametersReceived,
+                     weak_factory_.GetWeakPtr(), std::move(cb), true,
+                     device_info.device_id));
+      return;
+    }
+  }
+  DeviceParametersReceived(std::move(cb), false, std::string(),
+                           media::AudioParameters::UnavailableDeviceParams());
+}
+
+void AudioOutputAuthorizationHandler::DeviceParametersReceived(
+    AuthorizationCompletedCallback cb,
+    bool device_found,
+    const std::string& unique_id,
+    media::AudioParameters output_params) {
+  DCHECK_CURRENTLY_ON(BrowserThread::IO);
+
+  if (!device_found) {
+    cb.Run(media::OUTPUT_DEVICE_STATUS_ERROR_NOT_FOUND,
+           media::AudioParameters::UnavailableDeviceParams(), "");
+    return;
+  }
+
+  MaybeFixAudioParameters(&output_params);
+  cb.Run(media::OUTPUT_DEVICE_STATUS_OK, std::move(output_params), unique_id);
+}
+
+}  // namespace content