customtabs: Extract a redirect endpoint, and maybe connect to it.

chrome/android/java/src/org/chromium/chrome/browser/customtabs/OriginVerifier.java

 // Copyright 2017 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 package org.chromium.chrome.browser.customtabs;
 
 import android.content.pm.PackageInfo;
 import android.content.pm.PackageManager;
 import android.net.Uri;
 import android.support.annotation.NonNull;
@@ skipping 12 matching lines @@
 
 import java.io.ByteArrayInputStream;
 import java.io.InputStream;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.cert.CertificateEncodingException;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.Locale;
 import java.util.Map;
+import java.util.Set;
 
 /**
  * Used to verify postMessage origin for a designated package name.
  *
  * Uses Digital Asset Links to confirm that the given origin is associated with the package name as
  * a postMessage origin. It caches any origin that has been verified during the current application
  * lifecycle and reuses that without making any new network requests.
  *
  * The lifecycle of this object is governed by the owner. The owner has to call
  * {@link OriginVerifier#cleanUp()} for proper cleanup of dependencies.
  */
 @JNINamespace("customtabs")
 class OriginVerifier {
     private static final String TAG = "OriginVerifier";
     private static final char[] HEX_CHAR_LOOKUP = "0123456789ABCDEF".toCharArray();
-    private static Map<String, Uri> sCachedOriginMap;
+    private static Map<String, Set<Uri>> sPackageToCachedOrigins;
     private final OriginVerificationListener mListener;
     private final String mPackageName;
     private final String mSignatureFingerprint;
     private long mNativeOriginVerifier = 0;
     private Uri mOrigin;
 
-    /**
-     * To be used for prepopulating verified origin for testing functionality.
-     * @param packageName The package name to prepopulate for.
-     * @param origin The origin to add as verified.
-     */
-    @VisibleForTesting
-    static void prePopulateVerifiedOriginForTesting(String packageName, Uri origin) {
-        cacheVerifiedOriginIfNeeded(packageName, origin);
+    /** Small helper class to post a result of origin verification. */
+    private class VerifiedCallback implements Runnable {
+        private final boolean mResult;
+
+        public VerifiedCallback(boolean result) {
+            this.mResult = result;
+        }
+
+        @Override
+        public void run() {
+            originVerified(mResult);
+        }
     }
 
     private static Uri getPostMessageOriginFromVerifiedOrigin(
             String packageName, Uri verifiedOrigin) {
         return Uri.parse(IntentHandler.ANDROID_APP_REFERRER_SCHEME + "://"
                 + verifiedOrigin.getHost() + "/" + packageName);
     }
 
-    private static void cacheVerifiedOriginIfNeeded(String packageName, Uri origin) {
-        if (sCachedOriginMap == null) sCachedOriginMap = new HashMap<>();
-        if (!sCachedOriginMap.containsKey(packageName)) {
-            sCachedOriginMap.put(packageName, origin);
-        }
+    /** Clears all known relations. */
+    @VisibleForTesting
+    static void reset() {
+        ThreadUtils.assertOnUiThread();
+        if (sPackageToCachedOrigins != null) sPackageToCachedOrigins.clear();
     }
 
     /**
+     * Mark an origin as verified for a package.
+     * @param packageName The package name to prepopulate for.
+     * @param origin The origin to add as verified.
+     */
+    static void addVerifiedOriginForPackage(String packageName, Uri origin) {
+        ThreadUtils.assertOnUiThread();
+        if (sPackageToCachedOrigins == null) sPackageToCachedOrigins = new HashMap<>();
+        Set<Uri> cachedOrigins = sPackageToCachedOrigins.get(packageName);
+        if (cachedOrigins == null) {
+            cachedOrigins = new HashSet<Uri>();
+            sPackageToCachedOrigins.put(packageName, cachedOrigins);
+        }
+        cachedOrigins.add(origin);
+    }
+
+    /**
+     * Returns whether an origin is first-party relative to a given package name.
+     *
+     * This only returns data from previously cached relations, and does not
+     * trigger an asynchronous validation.
+     *
+     * @param packageName The package name
+     * @param origin The origin to verify
+     */
+    static boolean isValidOrigin(String packageName, Uri origin) {
+        ThreadUtils.assertOnUiThread();
+        if (sPackageToCachedOrigins == null) return false;
+        Set<Uri> cachedOrigins = sPackageToCachedOrigins.get(packageName);
+        if (cachedOrigins == null) return false;
+        return cachedOrigins.contains(origin);
+    }
+
+    /**
      * Callback interface for getting verification results.
      */
     public interface OriginVerificationListener {
         /**
          * To be posted on the handler thread after the verification finishes.
          * @param packageName The package name for the origin verification query for this result.
          * @param origin The origin that was declared on the query for this result.
          * @param verified Whether the given origin was verified to correspond to the given package.
          */
         void onOriginVerified(String packageName, Uri origin, boolean verified);
@@ skipping 14 matching lines @@
     /**
      * Verify the claimed origin for the cached package name asynchronously. This will end up
      * making a network request for non-cached origins with a URLFetcher using the last used
      * profile as context.
      * @param origin The postMessage origin the application is claiming to have. Can't be null.
      */
     public void start(@NonNull Uri origin) {
         ThreadUtils.assertOnUiThread();
         mOrigin = origin;
         if (!UrlConstants.HTTPS_SCHEME.equals(mOrigin.getScheme().toLowerCase(Locale.US))) {
-            ThreadUtils.postOnUiThread(new Runnable() {
-                @Override
-                public void run() {
-                    originVerified(false);
-                }
-            });
+            ThreadUtils.runOnUiThread(new VerifiedCallback(false));
             return;
         }
 
         // If this origin is cached as verified already, use that.
-        Uri cachedOrigin = getCachedOriginIfExists();
-        if (cachedOrigin != null && cachedOrigin.equals(origin)) {
-            ThreadUtils.postOnUiThread(new Runnable() {
-                @Override
-                public void run() {
-                    originVerified(true);
-                }
-            });
+        if (isValidOrigin(mPackageName, origin)) {
+            ThreadUtils.runOnUiThread(new VerifiedCallback(true));
             return;
         }
         if (mNativeOriginVerifier != 0) cleanUp();
         if (!BrowserStartupController.get(LibraryProcessType.PROCESS_BROWSER)
                         .isStartupSuccessfullyCompleted()) {
             // Early return for testing without native.
             return;
         }
         mNativeOriginVerifier = nativeInit(Profile.getLastUsedProfile().getOriginalProfile());
         assert mNativeOriginVerifier != 0;
         boolean success = nativeVerifyOrigin(
                 mNativeOriginVerifier, mPackageName, mSignatureFingerprint, mOrigin.toString());
-        if (!success) {
-            ThreadUtils.postOnUiThread(new Runnable() {
-                @Override
-                public void run() {
-                    originVerified(false);
-                }
-            });
-        }
+        if (!success) ThreadUtils.runOnUiThread(new VerifiedCallback(false));
     }
 
     /**
      * Cleanup native dependencies on this object.
      */
     void cleanUp() {
         if (mNativeOriginVerifier == 0) return;
         nativeDestroy(mNativeOriginVerifier);
         mNativeOriginVerifier = 0;
     }
@@ skipping 49 matching lines @@
             hexString.append(HEX_CHAR_LOOKUP[(byteArray[i] & 0xf0) >>> 4]);
             hexString.append(HEX_CHAR_LOOKUP[byteArray[i] & 0xf]);
             if (i < (byteArray.length - 1)) hexString.append(':');
         }
         return hexString.toString();
     }
 
     @CalledByNative
     private void originVerified(boolean originVerified) {
         if (originVerified) {
-            cacheVerifiedOriginIfNeeded(mPackageName, mOrigin);
+            addVerifiedOriginForPackage(mPackageName, mOrigin);
             mOrigin = getPostMessageOriginFromVerifiedOrigin(mPackageName, mOrigin);
         }
         mListener.onOriginVerified(mPackageName, mOrigin, originVerified);
         cleanUp();
     }
 
-    private Uri getCachedOriginIfExists() {
-        if (sCachedOriginMap == null) return null;
-        return sCachedOriginMap.get(mPackageName);
-    }
-
     private native long nativeInit(Profile profile);
     private native boolean nativeVerifyOrigin(long nativeOriginVerifier, String packageName,
             String signatureFingerprint, String origin);
     private native void nativeDestroy(long nativeOriginVerifier);
 }