
Side by Side Diff: content/browser/webauth/authenticator_impl.cc

Issue 2788823002: Add the Mojo implementation of authenticator.mojom's MakeCredential. (Closed)
Patch Set: Migrate webauth in components/ and chrome/ to content/ Created 3 years, 5 months ago
OLDNEW
(Empty)
1 // Copyright 2017 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "content/browser/webauth/authenticator_impl.h"
6
7 #include <memory>
8
9 #include "base/json/json_writer.h"
10 #include "base/memory/ptr_util.h"
11 #include "content/public/browser/render_frame_host.h"
12 #include "content/public/browser/web_contents.h"
13 #include "crypto/sha2.h"
14 #include "mojo/public/cpp/bindings/strong_binding.h"
15
16 namespace content {
17
18 const char kGetAssertionType[] = "navigator.id.getAssertion";
19
20 // JSON key values
21 const char kTypeKey[] = "type";
22 const char kChallengeKey[] = "challenge";
23 const char kOriginKey[] = "origin";
24 const char kCidPubkeyKey[] = "cid_pubkey";
25
26 // Serializes the |value| to a JSON string and returns the result.
27 std::string SerializeValueToJson(const base::Value& value) {
28 std::string json;
29 base::JSONWriter::Write(value, &json);
30 return json;
31 }
jochen (gone - plz use gerrit) 2017/06/28 07:38:30 the const values the this method should all go int
kpaulhamus 2017/06/28 08:48:15 Done.
32
33 // static
34 void AuthenticatorImpl::Create(
35 RenderFrameHost* render_frame_host,
36 const service_manager::BindSourceInfo& source_info,
37 webauth::mojom::AuthenticatorRequest request) {
38 auto authenticator_impl =
39 base::WrapUnique(new AuthenticatorImpl(render_frame_host));
40 mojo::MakeStrongBinding(std::move(authenticator_impl), std::move(request));
41 }
42
43 AuthenticatorImpl::~AuthenticatorImpl() {}
44
45 AuthenticatorImpl::AuthenticatorImpl(RenderFrameHost* render_frame_host) {
46 DCHECK(render_frame_host);
47 caller_origin_ = render_frame_host->GetLastCommittedOrigin();
48 }
49
50 // mojom:Authenticator
51 void AuthenticatorImpl::MakeCredential(
52 webauth::mojom::RelyingPartyAccountPtr account,
53 std::vector<webauth::mojom::ScopedCredentialParametersPtr> parameters,
54 const std::vector<uint8_t>& challenge,
55 webauth::mojom::ScopedCredentialOptionsPtr options,
56 MakeCredentialCallback callback) {
57 std::string effective_domain;
58 std::string relying_party_id;
59 std::string client_data_json;
60 base::DictionaryValue client_data;
61
62 // Steps 6 & 7 of https://w3c.github.io/webauthn/#createCredential
63 // opaque origin
64 if (caller_origin_.unique()) {
65 std::move(callback).Run(
66 webauth::mojom::AuthenticatorStatus::NOT_ALLOWED_ERROR, NULL);
67 return;
68 }
69
70 if (!options->relying_party_id) {
71 relying_party_id = caller_origin_.Serialize();
72 } else {
73 effective_domain = caller_origin_.host();
74
75 DCHECK(!effective_domain.empty());
76 // TODO(kpaulhamus): Check if relyingPartyId is a registrable domain
77 // suffix of and equal to effectiveDomain and set relyingPartyId
78 // appropriately.
79 relying_party_id = options->relying_party_id.value_or(std::string());
80 }
81
82 // TODO(kpaulhamus): Check ScopedCredentialParameter's type and
83 // algorithmIdentifier after algorithmIdentifier is added to mojom to
84 // make sure it is U2F_V2.
85
86 client_data.SetString(kTypeKey, kGetAssertionType);
87 client_data.SetString(
88 kChallengeKey,
89 base::StringPiece(reinterpret_cast<const char*>(challenge.data()),
90 challenge.size()));
91 client_data.SetString(kOriginKey, relying_party_id);
92 // Channel ID is optional, and missing if the browser doesn't support it.
93 // It is present and set to the constant "unused" if the browser
94 // supports Channel ID but is not using it to talk to the origin.
95 // TODO(kpaulhamus): Fetch and add the Channel ID public key used to
96 // communicate with the origin.
97 client_data.SetString(kCidPubkeyKey, "unused");
98
99 // SHA-256 hash the JSON data structure
100 client_data_json = SerializeValueToJson(client_data);
101 std::string client_data_hash = crypto::SHA256HashString(client_data_json);
102
103 std::move(callback).Run(webauth::mojom::AuthenticatorStatus::NOT_IMPLEMENTED,
104 NULL);
jochen (gone - plz use gerrit) 2017/06/28 07:38:30 use nullptr instead of NULL
kpaulhamus 2017/06/28 08:48:15 Done.
105 }
106
107 } // namespace content
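Review bot: The `origin` field of the client data is filled from `relying_party_id` (new line 91), which in the `else` branch at line 79 is the renderer-supplied `options->relying_party_id`, with the registrable-domain-suffix check still a TODO. A relying party depends on this field reflecting the origin the browser actually observed, so it should be set from the browser-side value, `client_data.SetString(kOriginKey, caller_origin_.Serialize());`, with the RP ID carried separately. Until the suffix check exists, answering `NOT_ALLOWED_ERROR` when a supplied ID differs from `caller_origin_.host()` would keep the method failing closed; nothing reaches an authenticator yet, since the call ends in `NOT_IMPLEMENTED`. Separately, lines 87-90 store the raw challenge bytes as a string, and those bytes need not be valid UTF-8; encoding them before `SetString` (WebAuthn client data uses base64url) keeps the JSON and its SHA-256 well defined.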
OLDNEW
