Chromium Code Reviews Chromium Code Reviews
Issue 2773483003:
Create PasswordProtectionRequest to handle password pings (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef COMPONENTS_SAFE_BROWSING_PASSWORD_PROTECTION_PASSWORD_PROTECTION_SERVICE _H_ | 5 #ifndef COMPONENTS_SAFE_BROWSING_PASSWORD_PROTECTION_PASSWORD_PROTECTION_SERVICE _H_ |
| 6 #define COMPONENTS_SAFE_BROWSING_PASSWORD_PROTECTION_PASSWORD_PROTECTION_SERVICE _H_ | 6 #define COMPONENTS_SAFE_BROWSING_PASSWORD_PROTECTION_PASSWORD_PROTECTION_SERVICE _H_ |
| 7 | 7 |
| 8 #include <unordered_map> | |
| 9 | |
| 10 #include "base/callback.h" | |
| 8 #include "base/gtest_prod_util.h" | 11 #include "base/gtest_prod_util.h" |
| 9 #include "base/macros.h" | 12 #include "base/macros.h" |
| 10 #include "base/memory/ref_counted.h" | 13 #include "base/memory/ref_counted.h" |
| 11 #include "base/memory/weak_ptr.h" | 14 #include "base/memory/weak_ptr.h" |
| 12 #include "base/values.h" | 15 #include "base/values.h" |
| 13 #include "components/content_settings/core/browser/host_content_settings_map.h" | 16 #include "components/content_settings/core/browser/host_content_settings_map.h" |
| 14 #include "components/history/core/browser/history_service_observer.h" | 17 #include "components/history/core/browser/history_service_observer.h" |
| 15 #include "components/safe_browsing/csd.pb.h" | 18 #include "components/safe_browsing/csd.pb.h" |
| 19 #include "net/url_request/url_request_context_getter.h" | |
| 16 | 20 |
| 17 namespace history { | 21 namespace history { |
| 18 class HistoryService; | 22 class HistoryService; |
| 19 } | 23 } |
| 20 | 24 |
| 21 class GURL; | 25 class GURL; |
| 22 | 26 |
| 23 namespace safe_browsing { | 27 namespace safe_browsing { |
| 24 | 28 |
| 25 class SafeBrowsingDatabaseManager; | 29 class SafeBrowsingDatabaseManager; |
| 30 class PasswordProtectionRequest; | |
| 26 | 31 |
| 27 class PasswordProtectionService : history::HistoryServiceObserver { | 32 class PasswordProtectionService : history::HistoryServiceObserver { |
| 28 public: | 33 public: |
| 29 explicit PasswordProtectionService( | 34 using CheckCsdWhitelistCallback = base::Callback<void(bool)>; |
| 30 const scoped_refptr<SafeBrowsingDatabaseManager>& database_manager); | 35 |
| 36 PasswordProtectionService( | |
| 37 const scoped_refptr<SafeBrowsingDatabaseManager>& database_manager, | |
| 38 scoped_refptr<net::URLRequestContextGetter> request_content_getter); | |
|
Nathan Parker
2017/03/23 20:45:51
nit: request_context_getter
Jialiu Lin
2017/03/23 22:43:03
Done.
| |
| 31 | 39 |
| 32 ~PasswordProtectionService() override; | 40 ~PasswordProtectionService() override; |
| 33 | 41 |
| 34 // Checks if |url| matches CSD whitelist and record UMA metric accordingly. | 42 // Checks if |url| matches CSD whitelist and record UMA metric accordingly. |
| 35 // Currently called by PasswordReuseDetectionManager on UI thread. | 43 // Currently called by PasswordReuseDetectionManager on UI thread. |
| 36 void RecordPasswordReuse(const GURL& url); | 44 void RecordPasswordReuse(const GURL& url); |
| 37 | 45 |
| 46 void CheckCsdWhitelistOnIOThread(const GURL& url, | |
| 47 const CheckCsdWhitelistCallback& callback); | |
| 48 | |
| 38 base::WeakPtr<PasswordProtectionService> GetWeakPtr() { | 49 base::WeakPtr<PasswordProtectionService> GetWeakPtr() { |
| 39 return weak_factory_.GetWeakPtr(); | 50 return weak_factory_.GetWeakPtr(); |
| 40 } | 51 } |
| 41 | 52 |
| 42 // Looks up |settings|, and returns the verdict of |url|. Can be called on any | 53 // Looks up |settings| to find the cached verdict response. Can be called on |
| 43 // thread. If verdict is not available or is expired, return | 54 // any thread. |
|
Nathan Parker
2017/03/23 20:45:51
The orig comment on VERDICT_TYPE_UNSPECIFIED still
Jialiu Lin
2017/03/23 22:43:03
Done.
| |
| 44 // VERDICT_TYPE_UNSPECIFIED. | |
| 45 LoginReputationClientResponse::VerdictType GetCachedVerdict( | 55 LoginReputationClientResponse::VerdictType GetCachedVerdict( |
| 46 const HostContentSettingsMap* settings, | 56 const HostContentSettingsMap* settings, |
| 47 const GURL& url); | 57 const GURL& url, |
| 58 LoginReputationClientResponse* out_response); | |
| 48 | 59 |
| 49 // Stores |verdict| in |settings| based on |url|, |verdict| and | 60 // Stores |verdict| in |settings| based on |url|, |verdict| and |
| 50 // |receive_time|. | 61 // |receive_time|. |
| 51 void CacheVerdict(const GURL& url, | 62 void CacheVerdict(const GURL& url, |
| 52 LoginReputationClientResponse* verdict, | 63 LoginReputationClientResponse* verdict, |
| 53 const base::Time& receive_time, | 64 const base::Time& receive_time, |
| 54 HostContentSettingsMap* settings); | 65 HostContentSettingsMap* settings); |
| 55 | 66 |
| 67 void StartRequest(const GURL& main_frame_url, | |
|
Nathan Parker
2017/03/23 20:45:51
Add comment. (Is this only used after we check the
Jialiu Lin
2017/03/23 22:43:03
Actual no, Cache checking is a part of PasswordPro
| |
| 68 LoginReputationClientRequest::TriggerType type, | |
| 69 bool is_extended_reporting, | |
| 70 bool is_incognito); | |
| 71 | |
| 72 // Called by a PasswordProtectionRequest instance when it finishes to remove | |
| 73 // itself from |requests_|. | |
| 74 virtual void RequestFinished( | |
| 75 PasswordProtectionRequest* request, | |
| 76 std::unique_ptr<LoginReputationClientResponse> response); | |
| 77 | |
| 78 // Cancels all requests in |requests_|, empties it, and releases references to | |
| 79 // the requests. | |
| 80 void CancelPendingRequests(); | |
| 81 | |
| 82 // Gets the total number of verdict (no matter expired or not) we cached for | |
| 83 // current active profile. | |
| 84 virtual size_t GetStoredVerdictCount(); | |
| 85 | |
| 86 scoped_refptr<net::URLRequestContextGetter> request_context_getter() { | |
| 87 return request_context_getter_; | |
| 88 } | |
| 89 | |
| 90 // Returns the URL where PasswordProtectionRequest instances send requests. | |
| 91 static GURL GetPasswordProtectionRequestUrl(); | |
| 92 | |
| 93 // Gets the request timeout in milliseconds. | |
| 94 static int GetRequestTimeoutInMS(); | |
| 95 | |
| 56 protected: | 96 protected: |
| 57 // Called on UI thread. | 97 friend class PasswordProtectionRequest; |
| 98 | |
| 58 // Increases "PasswordManager.PasswordReuse.MainFrameMatchCsdWhitelist" UMA | 99 // Increases "PasswordManager.PasswordReuse.MainFrameMatchCsdWhitelist" UMA |
| 59 // metric based on input. | 100 // metric based on input. |
| 60 void OnMatchCsdWhiteListResult(bool match_whitelist); | 101 void OnMatchCsdWhiteListResult(bool match_whitelist); |
| 61 | 102 |
| 62 // Gets HostContentSettingMap for current active profile; | 103 // Gets HostContentSettingMap for current active profile; |
| 63 // TODO(jialiul): make this a pure virtual function when we have a derived | 104 // TODO(jialiul): make this a pure virtual function when we have a derived |
| 64 // class ready in chrome/browser/safe_browsing directory. | 105 // class ready in chrome/browser/safe_browsing directory. |
| 65 virtual HostContentSettingsMap* GetSettingMapForActiveProfile(); | 106 virtual HostContentSettingsMap* GetSettingMapForActiveProfile(); |
| 66 | 107 |
| 67 private: | 108 private: |
| (...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 107 static void GeneratePathVariantsWithoutQuery(const GURL& url, | 148 static void GeneratePathVariantsWithoutQuery(const GURL& url, |
| 108 std::vector<std::string>* paths); | 149 std::vector<std::string>* paths); |
| 109 | 150 |
| 110 static std::string GetCacheExpressionPath( | 151 static std::string GetCacheExpressionPath( |
| 111 const std::string& cache_expression); | 152 const std::string& cache_expression); |
| 112 | 153 |
| 113 static std::unique_ptr<base::DictionaryValue> CreateDictionaryFromVerdict( | 154 static std::unique_ptr<base::DictionaryValue> CreateDictionaryFromVerdict( |
| 114 const LoginReputationClientResponse* verdict, | 155 const LoginReputationClientResponse* verdict, |
| 115 const base::Time& receive_time); | 156 const base::Time& receive_time); |
| 116 | 157 |
| 158 // Stored verdict count for each HostContentSettingsMap. | |
| 159 std::unordered_map<HostContentSettingsMap*, size_t> stored_verdict_counts_; | |
| 160 | |
| 161 // The context we use to issue network requests. | |
|
Nathan Parker
2017/03/23 20:45:51
(Could add a note that we do this because we need
Jialiu Lin
2017/03/23 22:43:03
Done.
| |
| 162 scoped_refptr<net::URLRequestContextGetter> request_context_getter_; | |
| 163 | |
| 164 // Set of pending PasswordProtectionRequests. Using a map because | |
| 165 // heterogeneous lookups aren't available yet in std::unordered_map. | |
| 166 std::unordered_map<PasswordProtectionRequest*, | |
|
Nathan Parker
2017/03/23 20:45:51
How about just a vector of unique_ptrs? If we ass
Jialiu Lin
2017/03/23 22:43:03
Yep, using a std::unordered_set instead.
| |
| 167 std::unique_ptr<PasswordProtectionRequest>> | |
| 168 requests_; | |
| 169 | |
| 117 scoped_refptr<SafeBrowsingDatabaseManager> database_manager_; | 170 scoped_refptr<SafeBrowsingDatabaseManager> database_manager_; |
| 118 base::WeakPtrFactory<PasswordProtectionService> weak_factory_; | 171 base::WeakPtrFactory<PasswordProtectionService> weak_factory_; |
| 119 DISALLOW_COPY_AND_ASSIGN(PasswordProtectionService); | 172 DISALLOW_COPY_AND_ASSIGN(PasswordProtectionService); |
| 120 }; | 173 }; |
| 121 | 174 |
| 122 } // namespace safe_browsing | 175 } // namespace safe_browsing |
| 123 | 176 |
| 124 #endif // COMPONENTS_SAFE_BROWSING_PASSWORD_PROTECTION_PASSWORD_PROTECTION_SERV ICE_H_ | 177 #endif // COMPONENTS_SAFE_BROWSING_PASSWORD_PROTECTION_PASSWORD_PROTECTION_SERV ICE_H_ |
| OLD | NEW |
