| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 // This file contains utilities related to working with "facets". |
| 6 // |
| 7 // A "facet" is defined as the manifestation of a logical application on a given |
| 8 // platform. For example, "My Bank" may have released an Android application |
| 9 // and a Web application accessible from a browser. These are all facets of the |
| 10 // "My Bank" logical application. |
| 11 // |
| 12 // Facets that belong to the same logical application are said to be affiliated |
| 13 // with each other. Conceptually, "affiliations" can be seen as an equivalence |
| 14 // relation defined over the set of all facets. Each equivalence class contains |
| 15 // facets that belong to the same logical application, and therefore should be |
| 16 // treated as synonymous for certain purposes, e.g., sharing credentials. |
| 17 // |
| 18 // A valid facet identifier will be a URI of the form: |
| 19 // |
| 20 // * https://<host>[:<port>] |
| 21 // |
| 22 // For web sites. Only HTTPS sites are supported. The syntax corresponds to |
| 23 // that of 'serialized-origin' in RFC 6454. That is, in canonical form, the |
| 24 // URI must not contain components other than the scheme (required, must be |
| 25 // "https"), host (required), and port (optional); with canonicalization |
| 26 // performed the same way as it normally would be for standard URLs. |
| 27 // |
| 28 // * android://<certificate_hash>@<package_name> |
| 29 // |
| 30 // For Android applications. In canonical form, the URI must not contain |
| 31 // components other than the scheme (must be "android"), username, and host |
| 32 // (all required). The host part must be a valid Android package name, with |
| 33 // no escaping, so it must be composed of characters [a-zA-Z0-9_.]. |
| 34 // |
| 35 // The username part must be the hash of the certificate used to sign the |
| 36 // APK, base64-encoded using padding and the "URL and filename safe" base64 |
| 37 // alphabet, with no further escaping. This is normally calculated as: |
| 38 // |
| 39 // echo -n -e "$PEM_KEY" | |
| 40 // openssl x509 -outform DER | |
| 41 // openssl sha -sha512 -binary | base64 | tr '+/' '-_' |
| 42 // |
| 43 |
| 44 #ifndef COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_AFFILIATION_UTILS_H_ |
| 45 #define COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_AFFILIATION_UTILS_H_ |
| 46 |
| 47 #include <iosfwd> |
| 48 #include <string> |
| 49 #include <vector> |
| 50 |
| 51 #include <stddef.h> |
| 52 |
| 53 #include "base/containers/hash_tables.h" |
| 54 #include "base/logging.h" |
| 55 #include "base/strings/utf_string_conversions.h" |
| 56 #include "base/time/time.h" |
| 57 #include "url/third_party/mozilla/url_parse.h" |
| 58 |
| 59 namespace autofill { |
| 60 struct PasswordForm; |
| 61 } // namespace autofill |
| 62 |
| 63 namespace password_manager { |
| 64 |
| 65 // Encapsulates a facet URI in canonical form. |
| 66 // |
| 67 // This is a very light-weight wrapper around an std::string containing the text |
| 68 // of the URI, and can be passed around as a value. The main rationale for the |
| 69 // existence of this class is to make it clearer in the code when a certain URI |
| 70 // is known to be a valid facet URI in canonical form, and to allow verifying |
| 71 // and converting URIs to such canonical form. |
| 72 // |
| 73 // Note that it would be impractical to use GURL to represent facet URIs, as |
| 74 // GURL has built-in logic to parse the rest of the URI according to its scheme, |
| 75 // and obviously, it does not recognize the "android" scheme. Therefore, after |
| 76 // parsing, everything ends up in the path component, which is not too helpful. |
| 77 class FacetURI { |
| 78 public: |
| 79 FacetURI(); |
| 80 |
| 81 // As a light-weight std::string wrapper, allow copy and assign. |
| 82 FacetURI(const FacetURI&) = default; |
| 83 FacetURI& operator=(const FacetURI&) = default; |
| 84 |
| 85 // Constructs an instance to encapsulate the canonical form of |spec|. |
| 86 // If |spec| is not a valid facet URI, then an invalid instance is returned, |
| 87 // which then should be discarded. |
| 88 static FacetURI FromPotentiallyInvalidSpec(const std::string& spec); |
| 89 |
| 90 // Constructs a valid FacetURI instance from a valid |canonical_spec|. |
| 91 // Note: The passed-in URI is not verified at all. Use only when you are sure |
| 92 // the URI is valid and in canonical form. |
| 93 static FacetURI FromCanonicalSpec(const std::string& canonical_spec); |
| 94 |
| 95 // Comparison operators so that FacetURI can be used in std::equal. |
| 96 bool operator==(const FacetURI& other) const; |
| 97 bool operator!=(const FacetURI& other) const; |
| 98 |
| 99 // Relational operators so that FacetURI can be used in sorted containers. |
| 100 bool operator<(const FacetURI& other) const; |
| 101 bool operator>(const FacetURI& other) const; |
| 102 |
| 103 // Returns whether or not this instance represents a valid facet identifier |
| 104 // referring to a Web application. |
| 105 bool IsValidWebFacetURI() const; |
| 106 |
| 107 // Returns whether or not this instance represents a valid facet identifier |
| 108 // referring to an Android application. |
| 109 bool IsValidAndroidFacetURI() const; |
| 110 |
| 111 // Returns whether or not this instance represents a valid facet identifier |
| 112 // referring to either a Web or an Android application. The empty identfier is |
| 113 // not considered valid. |
| 114 bool is_valid() const { return is_valid_; } |
| 115 |
| 116 // Returns whether or not this instance represents the empty facet identifier. |
| 117 bool is_empty() const { return canonical_spec_.empty(); } |
| 118 |
| 119 // Returns the canonical scheme of the encapsulated facet URI, provided it is |
| 120 // valid, or the empty string otherwise. |
| 121 std::string scheme() const; |
| 122 |
| 123 // Returns the canonical package name that the encapsulated facet URI |
| 124 // references, provided it is a valid Android facet URI, or the empty string |
| 125 // otherwise. |
| 126 std::string android_package_name() const; |
| 127 |
| 128 // Returns the text of the encapsulated canonical URI, which must be valid. |
| 129 const std::string& canonical_spec() const { |
| 130 DCHECK(is_valid_); |
| 131 return canonical_spec_; |
| 132 } |
| 133 |
| 134 // Returns the text of the encapsulated canonical URI, even if it is invalid. |
| 135 const std::string& potentially_invalid_spec() const { |
| 136 return canonical_spec_; |
| 137 } |
| 138 |
| 139 private: |
| 140 // Internal constructor to be used by the static factory methods. |
| 141 FacetURI(const std::string& canonical_spec, bool is_valid); |
| 142 |
| 143 // Whether |canonical_spec_| contains a valid facet URI in canonical form. |
| 144 bool is_valid_; |
| 145 |
| 146 // The text of the encapsulated canonical URI, valid if and only if |
| 147 // |is_valid_| is true. |
| 148 std::string canonical_spec_; |
| 149 |
| 150 // Identified components of the canonical spec. |
| 151 url::Parsed parsed_; |
| 152 }; |
| 153 |
| 154 // A collection of facets affiliated with each other, i.e. an equivalence class. |
| 155 typedef std::vector<FacetURI> AffiliatedFacets; |
| 156 |
| 157 // A collection of facets affiliated with each other, i.e. an equivalence class, |
| 158 // plus a timestamp that indicates the last time the data was updated from an |
| 159 // authoritative source. |
| 160 struct AffiliatedFacetsWithUpdateTime { |
| 161 AffiliatedFacetsWithUpdateTime(); |
| 162 AffiliatedFacetsWithUpdateTime(const AffiliatedFacetsWithUpdateTime& other); |
| 163 ~AffiliatedFacetsWithUpdateTime(); |
| 164 |
| 165 AffiliatedFacets facets; |
| 166 base::Time last_update_time; |
| 167 }; |
| 168 |
| 169 // Returns whether or not equivalence classes |a| and |b| are equal, that is, |
| 170 // whether or not they consist of the same set of facets. |
| 171 // |
| 172 // Note that this will do some sorting, so it can be expensive for large inputs. |
| 173 bool AreEquivalenceClassesEqual(const AffiliatedFacets& a, |
| 174 const AffiliatedFacets& b); |
| 175 |
| 176 // A shorter way to spell FacetURI::IsValidAndroidFacetURI(). |
| 177 bool IsValidAndroidFacetURI(const std::string& uri); |
| 178 |
| 179 // Returns the origin URI in a format which can be presented to a user based of |
| 180 // |password_from| field values. |
| 181 std::string GetHumanReadableOrigin(const autofill::PasswordForm& password_form); |
| 182 |
| 183 // Returns the Android origin URI for presenting to a user. |
| 184 std::string GetHumanReadableOriginForAndroidUri(const FacetURI facet_uri); |
| 185 |
| 186 // For logging use only. |
| 187 std::ostream& operator<<(std::ostream& os, const FacetURI& facet_uri); |
| 188 |
| 189 struct FacetURIHash { |
| 190 size_t operator()(const FacetURI& facet_uri) const { |
| 191 return std::hash<std::string>()(facet_uri.potentially_invalid_spec()); |
| 192 } |
| 193 }; |
| 194 |
| 195 } // namespace password_manager |
| 196 |
| 197 #endif // COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_AFFILIATION_UTILS_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2953443002:
Revert of Reland: Move the files related to Android <-> Web credentials to a separate folder. (Closed)
