Chromium Code Reviews Chromium Code Reviews
Issue 2767333006:
Add Digital Asset Links verification for postMessage API (Closed)
| Index: chrome/browser/android/customtabs/origin_verifier.cc |
| diff --git a/chrome/browser/android/customtabs/origin_verifier.cc b/chrome/browser/android/customtabs/origin_verifier.cc |
| new file mode 100644 |
| index 0000000000000000000000000000000000000000..924ac489dc6ee0932d77486af870a178db386ed6 |
| --- /dev/null |
| +++ b/chrome/browser/android/customtabs/origin_verifier.cc |
| @@ -0,0 +1,79 @@ |
| +// Copyright (c) 2017 The Chromium Authors. All rights reserved. |
| +// Use of this source code is governed by a BSD-style license that can be |
| +// found in the LICENSE file. |
| + |
| +#include "chrome/browser/android/customtabs/origin_verifier.h" |
| + |
| +#include "base/android/jni_android.h" |
| +#include "base/android/jni_string.h" |
| +#include "base/strings/string_number_conversions.h" |
| +#include "base/values.h" |
| +#include "chrome/browser/profiles/profile_manager.h" |
| +#include "jni/OriginVerifier_jni.h" |
| + |
| +using base::android::ConvertJavaStringToUTF16; |
| +using base::android::JavaParamRef; |
| + |
| +namespace customtabs { |
| + |
| +OriginVerifier::OriginVerifier(JNIEnv* env, jobject obj) { |
| + jobject_.Reset(env, obj); |
| + Profile* profile = ProfileManager::GetPrimaryUserProfile(); |
|
Benoit L
2017/04/04 18:44:12
The documentation for this function says:
// This
Yusuf
2017/04/05 00:20:42
Switched to using GetLastUsedProfile->GetOriginalP
|
| + asset_link_handler_.reset(new digital_asset_links::DigitalAssetLinksHandler( |
|
Benoit L
2017/04/04 18:44:11
tiny nit:
What about:
asset_link_handler_ = base
Yusuf
2017/04/05 00:20:42
Done.
|
| + profile->GetRequestContext())); |
| +} |
| + |
| +OriginVerifier::~OriginVerifier() {} |
| + |
| +void OriginVerifier::VerifyOrigin( |
| + JNIEnv* env, |
| + const JavaParamRef<jobject>& obj, |
| + const JavaParamRef<jstring>& j_package_name, |
| + const base::android::JavaParamRef<jstring>& j_fingerprint, |
| + const JavaParamRef<jstring>& j_origin) { |
| + if (!j_package_name || !j_fingerprint || !j_origin) |
| + return; |
| + std::string package_name = ConvertJavaStringToUTF8(env, j_package_name); |
| + std::string fingerprint = ConvertJavaStringToUTF8(env, j_fingerprint); |
| + std::string origin = ConvertJavaStringToUTF8(env, j_origin); |
| + |
| + digital_asset_links ::RelationshipCheckResultCallback callback( |
| + base::Bind(&customtabs::OriginVerifier::OnRelationshipCheckComplete, |
| + base::Unretained(this))); |
| + asset_link_handler_.get()->CheckDigitalAssetLinkRelationship( |
|
Benoit L
2017/04/04 18:44:11
nit: asset_link_handler->Check...
Yusuf
2017/04/05 00:20:42
Done.
|
| + std::unique_ptr<digital_asset_links::RelationshipCheckResultCallback>( |
| + &callback), |
|
Benoit L
2017/04/04 18:44:11
This doesn't work, as this is taking the address o
Yusuf
2017/04/05 00:20:42
not using unique ptr anymore.
|
| + origin, package_name, fingerprint, |
| + "delegate_permission/common.use_as_origin"); |
| +} |
| + |
| +void OriginVerifier::OnRelationshipCheckComplete( |
| + std::unique_ptr<base::DictionaryValue> response) { |
| + JNIEnv* env = base::android::AttachCurrentThread(); |
| + |
| + bool verified = false; |
| + |
| + if (response) { |
| + response->GetBoolean( |
| + digital_asset_links::kDigitalAssetLinksCheckResponseKeyLinked, |
| + &verified); |
| + } |
| + Java_OriginVerifier_originVerified(env, jobject_, verified); |
| +} |
| + |
| +void OriginVerifier::Destroy(JNIEnv* env, |
| + const base::android::JavaRef<jobject>& obj) { |
| + delete this; |
| +} |
| + |
| +static jlong Init(JNIEnv* env, |
| + const base::android::JavaParamRef<jobject>& obj) { |
| + OriginVerifier* native_verifier = new OriginVerifier(env, obj); |
| + return reinterpret_cast<intptr_t>(native_verifier); |
| +} |
| + |
| +bool RegisterOriginVerifier(JNIEnv* env) { |
| + return RegisterNativesImpl(env); |
| +} |
| + |
| +} // namespace customtabs |
