| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 // This file contains utilities related to working with "facets". | |
| 6 // | |
| 7 // A "facet" is defined as the manifestation of a logical application on a given | |
| 8 // platform. For example, "My Bank" may have released an Android application | |
| 9 // and a Web application accessible from a browser. These are all facets of the | |
| 10 // "My Bank" logical application. | |
| 11 // | |
| 12 // Facets that belong to the same logical application are said to be affiliated | |
| 13 // with each other. Conceptually, "affiliations" can be seen as an equivalence | |
| 14 // relation defined over the set of all facets. Each equivalence class contains | |
| 15 // facets that belong to the same logical application, and therefore should be | |
| 16 // treated as synonymous for certain purposes, e.g., sharing credentials. | |
| 17 // | |
| 18 // A valid facet identifier will be a URI of the form: | |
| 19 // | |
| 20 // * https://<host>[:<port>] | |
| 21 // | |
| 22 // For web sites. Only HTTPS sites are supported. The syntax corresponds to | |
| 23 // that of 'serialized-origin' in RFC 6454. That is, in canonical form, the | |
| 24 // URI must not contain components other than the scheme (required, must be | |
| 25 // "https"), host (required), and port (optional); with canonicalization | |
| 26 // performed the same way as it normally would be for standard URLs. | |
| 27 // | |
| 28 // * android://<certificate_hash>@<package_name> | |
| 29 // | |
| 30 // For Android applications. In canonical form, the URI must not contain | |
| 31 // components other than the scheme (must be "android"), username, and host | |
| 32 // (all required). The host part must be a valid Android package name, with | |
| 33 // no escaping, so it must be composed of characters [a-zA-Z0-9_.]. | |
| 34 // | |
| 35 // The username part must be the hash of the certificate used to sign the | |
| 36 // APK, base64-encoded using padding and the "URL and filename safe" base64 | |
| 37 // alphabet, with no further escaping. This is normally calculated as: | |
| 38 // | |
| 39 // echo -n -e "$PEM_KEY" | | |
| 40 // openssl x509 -outform DER | | |
| 41 // openssl sha -sha512 -binary | base64 | tr '+/' '-_' | |
| 42 // | |
| 43 | |
| 44 #ifndef COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_AFFILIATION_UTILS_H_ | |
| 45 #define COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_AFFILIATION_UTILS_H_ | |
| 46 | |
| 47 #include <iosfwd> | |
| 48 #include <string> | |
| 49 #include <vector> | |
| 50 | |
| 51 #include <stddef.h> | |
| 52 | |
| 53 #include "base/containers/hash_tables.h" | |
| 54 #include "base/logging.h" | |
| 55 #include "base/strings/utf_string_conversions.h" | |
| 56 #include "base/time/time.h" | |
| 57 #include "url/third_party/mozilla/url_parse.h" | |
| 58 | |
| 59 namespace autofill { | |
| 60 struct PasswordForm; | |
| 61 } // namespace autofill | |
| 62 | |
| 63 namespace password_manager { | |
| 64 | |
| 65 // Encapsulates a facet URI in canonical form. | |
| 66 // | |
| 67 // This is a very light-weight wrapper around an std::string containing the text | |
| 68 // of the URI, and can be passed around as a value. The main rationale for the | |
| 69 // existence of this class is to make it clearer in the code when a certain URI | |
| 70 // is known to be a valid facet URI in canonical form, and to allow verifying | |
| 71 // and converting URIs to such canonical form. | |
| 72 // | |
| 73 // Note that it would be impractical to use GURL to represent facet URIs, as | |
| 74 // GURL has built-in logic to parse the rest of the URI according to its scheme, | |
| 75 // and obviously, it does not recognize the "android" scheme. Therefore, after | |
| 76 // parsing, everything ends up in the path component, which is not too helpful. | |
| 77 class FacetURI { | |
| 78 public: | |
| 79 FacetURI(); | |
| 80 | |
| 81 // As a light-weight std::string wrapper, allow copy and assign. | |
| 82 FacetURI(const FacetURI&) = default; | |
| 83 FacetURI& operator=(const FacetURI&) = default; | |
| 84 | |
| 85 // Constructs an instance to encapsulate the canonical form of |spec|. | |
| 86 // If |spec| is not a valid facet URI, then an invalid instance is returned, | |
| 87 // which then should be discarded. | |
| 88 static FacetURI FromPotentiallyInvalidSpec(const std::string& spec); | |
| 89 | |
| 90 // Constructs a valid FacetURI instance from a valid |canonical_spec|. | |
| 91 // Note: The passed-in URI is not verified at all. Use only when you are sure | |
| 92 // the URI is valid and in canonical form. | |
| 93 static FacetURI FromCanonicalSpec(const std::string& canonical_spec); | |
| 94 | |
| 95 // Comparison operators so that FacetURI can be used in std::equal. | |
| 96 bool operator==(const FacetURI& other) const; | |
| 97 bool operator!=(const FacetURI& other) const; | |
| 98 | |
| 99 // Relational operators so that FacetURI can be used in sorted containers. | |
| 100 bool operator<(const FacetURI& other) const; | |
| 101 bool operator>(const FacetURI& other) const; | |
| 102 | |
| 103 // Returns whether or not this instance represents a valid facet identifier | |
| 104 // referring to a Web application. | |
| 105 bool IsValidWebFacetURI() const; | |
| 106 | |
| 107 // Returns whether or not this instance represents a valid facet identifier | |
| 108 // referring to an Android application. | |
| 109 bool IsValidAndroidFacetURI() const; | |
| 110 | |
| 111 // Returns whether or not this instance represents a valid facet identifier | |
| 112 // referring to either a Web or an Android application. The empty identfier is | |
| 113 // not considered valid. | |
| 114 bool is_valid() const { return is_valid_; } | |
| 115 | |
| 116 // Returns whether or not this instance represents the empty facet identifier. | |
| 117 bool is_empty() const { return canonical_spec_.empty(); } | |
| 118 | |
| 119 // Returns the canonical scheme of the encapsulated facet URI, provided it is | |
| 120 // valid, or the empty string otherwise. | |
| 121 std::string scheme() const; | |
| 122 | |
| 123 // Returns the canonical package name that the encapsulated facet URI | |
| 124 // references, provided it is a valid Android facet URI, or the empty string | |
| 125 // otherwise. | |
| 126 std::string android_package_name() const; | |
| 127 | |
| 128 // Returns the text of the encapsulated canonical URI, which must be valid. | |
| 129 const std::string& canonical_spec() const { | |
| 130 DCHECK(is_valid_); | |
| 131 return canonical_spec_; | |
| 132 } | |
| 133 | |
| 134 // Returns the text of the encapsulated canonical URI, even if it is invalid. | |
| 135 const std::string& potentially_invalid_spec() const { | |
| 136 return canonical_spec_; | |
| 137 } | |
| 138 | |
| 139 private: | |
| 140 // Internal constructor to be used by the static factory methods. | |
| 141 FacetURI(const std::string& canonical_spec, bool is_valid); | |
| 142 | |
| 143 // Whether |canonical_spec_| contains a valid facet URI in canonical form. | |
| 144 bool is_valid_; | |
| 145 | |
| 146 // The text of the encapsulated canonical URI, valid if and only if | |
| 147 // |is_valid_| is true. | |
| 148 std::string canonical_spec_; | |
| 149 | |
| 150 // Identified components of the canonical spec. | |
| 151 url::Parsed parsed_; | |
| 152 }; | |
| 153 | |
| 154 // A collection of facets affiliated with each other, i.e. an equivalence class. | |
| 155 typedef std::vector<FacetURI> AffiliatedFacets; | |
| 156 | |
| 157 // A collection of facets affiliated with each other, i.e. an equivalence class, | |
| 158 // plus a timestamp that indicates the last time the data was updated from an | |
| 159 // authoritative source. | |
| 160 struct AffiliatedFacetsWithUpdateTime { | |
| 161 AffiliatedFacetsWithUpdateTime(); | |
| 162 AffiliatedFacetsWithUpdateTime(const AffiliatedFacetsWithUpdateTime& other); | |
| 163 ~AffiliatedFacetsWithUpdateTime(); | |
| 164 | |
| 165 AffiliatedFacets facets; | |
| 166 base::Time last_update_time; | |
| 167 }; | |
| 168 | |
| 169 // Returns whether or not equivalence classes |a| and |b| are equal, that is, | |
| 170 // whether or not they consist of the same set of facets. | |
| 171 // | |
| 172 // Note that this will do some sorting, so it can be expensive for large inputs. | |
| 173 bool AreEquivalenceClassesEqual(const AffiliatedFacets& a, | |
| 174 const AffiliatedFacets& b); | |
| 175 | |
| 176 // A shorter way to spell FacetURI::IsValidAndroidFacetURI(). | |
| 177 bool IsValidAndroidFacetURI(const std::string& uri); | |
| 178 | |
| 179 // Returns the origin URI in a format which can be presented to a user based of | |
| 180 // |password_from| field values. | |
| 181 std::string GetHumanReadableOrigin(const autofill::PasswordForm& password_form); | |
| 182 | |
| 183 // Returns the Android origin URI for presenting to a user. | |
| 184 std::string GetHumanReadableOriginForAndroidUri(const FacetURI facet_uri); | |
| 185 | |
| 186 // For logging use only. | |
| 187 std::ostream& operator<<(std::ostream& os, const FacetURI& facet_uri); | |
| 188 | |
| 189 struct FacetURIHash { | |
| 190 size_t operator()(const FacetURI& facet_uri) const { | |
| 191 return std::hash<std::string>()(facet_uri.potentially_invalid_spec()); | |
| 192 } | |
| 193 }; | |
| 194 | |
| 195 } // namespace password_manager | |
| 196 | |
| 197 #endif // COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_AFFILIATION_UTILS_H_ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2949573002:
Move the files related to Android<->Web credentials to a separate folder. (Closed)
