Refactor the captive portal code to move from the ssl_blocking_page class to the ssl_error_classific

chrome/browser/ssl/ssl_error_classification.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/ssl/ssl_error_classification.h"
 
 #include "base/build_time.h"
 #include "base/metrics/field_trial.h"
 #include "base/metrics/histogram.h"
 #include "base/time/time.h"
 #include "chrome/browser/browser_process.h"
-#include "components/network_time/network_time_tracker.h"
+#include "chrome/browser/chrome_notification_types.h"
+#include "chrome/browser/profiles/profile.h"
+#include "chrome/browser/ssl/ssl_error_info.h"
+#include "content/public/browser/notification_service.h"
+#include "content/public/browser/web_contents.h"
+#include "net/base/network_change_notifier.h"
 #include "net/cert/x509_certificate.h"
 
+#if defined(ENABLE_CAPTIVE_PORTAL_DETECTION)
+#include "chrome/browser/captive_portal/captive_portal_service.h"
+#include "chrome/browser/captive_portal/captive_portal_service_factory.h"
+#endif
+
+#if defined(OS_WIN)
+#include "base/win/windows_version.h"
+#endif
+
 using base::Time;
 using base::TimeTicks;
 using base::TimeDelta;
 
-#if defined(OS_WIN)
-#include "base/win/windows_version.h"
-#endif
-
 namespace {
 
 // Events for UMA. Do not reorder or change!
 enum SSLInterstitialCause {
   CLOCK_PAST,
   CLOCK_FUTURE,
   UNUSED_INTERSTITIAL_CAUSE_ENTRY,
 };
 
+// Events for UMA. Do not reorder or change!
+enum SSLInterstitialCauseCaptivePortal {
+  CAPTIVE_PORTAL_DETECTION_ENABLED,
+  CAPTIVE_PORTAL_DETECTION_ENABLED_OVERRIDABLE,
+  CAPTIVE_PORTAL_PROBE_COMPLETED,
+  CAPTIVE_PORTAL_PROBE_COMPLETED_OVERRIDABLE,
+  CAPTIVE_PORTAL_NO_RESPONSE,
+  CAPTIVE_PORTAL_NO_RESPONSE_OVERRIDABLE,
+  CAPTIVE_PORTAL_DETECTED,
+  CAPTIVE_PORTAL_DETECTED_OVERRIDABLE,
+  UNUSED_CAPTIVE_PORTAL_EVENT,
+};
+
 void RecordSSLInterstitialCause(bool overridable, SSLInterstitialCause event) {
   if (overridable) {
     UMA_HISTOGRAM_ENUMERATION("interstitial.ssl.cause.overridable", event,
                               UNUSED_INTERSTITIAL_CAUSE_ENTRY);
   } else {
     UMA_HISTOGRAM_ENUMERATION("interstitial.ssl.cause.nonoverridable", event,
                               UNUSED_INTERSTITIAL_CAUSE_ENTRY);
   }
 }
 
+void RecordCaptivePortalEventStats(SSLInterstitialCauseCaptivePortal event) {
+  UMA_HISTOGRAM_ENUMERATION("interstitial.ssl.captive_portal",
+                            event,
+                            UNUSED_CAPTIVE_PORTAL_EVENT);
+}
+
 } // namespace
 
 SSLErrorClassification::SSLErrorClassification(
+    content::WebContents* web_contents,
     base::Time current_time,
+    int cert_error,
     const net::X509Certificate& cert)
-  : current_time_(current_time),
-    cert_(cert) { }
+  : web_contents_(web_contents),
+    current_time_(current_time),
+    cert_error_(cert_error),
+    cert_(cert),
+    captive_portal_detection_enabled_(false),
+    captive_portal_probe_completed_(false),
+    captive_portal_no_response_(false),
+    captive_portal_detected_(false) {
+#if defined(ENABLE_CAPTIVE_PORTAL_DETECTION)
+  Profile* profile = Profile::FromBrowserContext(
+      web_contents_->GetBrowserContext());
+  CaptivePortalService* captive_portal_service =
+      CaptivePortalServiceFactory::GetForProfile(profile);
+  captive_portal_detection_enabled_ = captive_portal_service ->enabled();
+  captive_portal_service ->DetectCaptivePortal();
+  registrar_.Add(this,
+                 chrome::NOTIFICATION_CAPTIVE_PORTAL_CHECK_RESULT,
+                 content::Source<Profile>(profile));
+#endif
+}
 
 SSLErrorClassification::~SSLErrorClassification() { }
 
-float SSLErrorClassification::InvalidDateSeverityScore() const {
-  // Client-side characterisitics. Check whether the system's clock is wrong or
-  // not and whether the user has encountered this error before or not.
+void SSLErrorClassification::InvalidDateSeverityScore() const {
+  // Client-side characteristics. Check whether or not the system's clock is
+  // wrong and whether or not the user has encountered this error before.
   float severity_date_score = 0.0f;
 
   static const float kClientWeight = 0.5f;
   static const float kSystemClockWeight = 0.75f;
   static const float kSystemClockWrongWeight = 0.1f;
   static const float kSystemClockRightWeight = 1.0f;
 
   static const float kServerWeight = 0.5f;
   static const float kCertificateExpiredWeight = 0.3f;
   static const float kNotYetValidWeight = 0.2f;
 
   if (IsUserClockInThePast(current_time_)  ||
       IsUserClockInTheFuture(current_time_)) {
     severity_date_score = kClientWeight * kSystemClockWeight *
         kSystemClockWrongWeight;
   } else {
     severity_date_score = kClientWeight * kSystemClockWeight *
         kSystemClockRightWeight;
   }
   // TODO(radhikabhar): (crbug.com/393262) Check website settings.
 
   // Server-side characteristics. Check whether the certificate has expired or
   // is not yet valid. If the certificate has expired then factor the time which
   // has passed since expiry.
   if (cert_.HasExpired()) {
     severity_date_score += kServerWeight * kCertificateExpiredWeight *
         CalculateScoreTimePassedSinceExpiry();
   }
   if (current_time_ < cert_.valid_start())
     severity_date_score += kServerWeight * kNotYetValidWeight;

[felt, 2014/07/29 01:47:53]

This no longer has a return value,  so what's the point of the method now?

[radhikabhar, 2014/07/29 17:56:56]

Again, I was thinking way ahead here when I have the histogram CL for the
severity score here. Then I will record the score right here and I didn't need
the severity score anywhere else so I don't need to return the score.

-  return severity_date_score;
+}
+
+void SSLErrorClassification::RecordUMAStatistics(bool overridable) const {
+  if (IsUserClockInThePast(base::Time::NowFromSystemTime()))
+    RecordSSLInterstitialCause(overridable, CLOCK_PAST);
+  if (IsUserClockInTheFuture(base::Time::NowFromSystemTime()))
+    RecordSSLInterstitialCause(overridable, CLOCK_FUTURE);
+}
+
+void SSLErrorClassification::RecordCaptivePortalUMAStatistics(
+    bool overridable) const {
+#if defined(ENABLE_CAPTIVE_PORTAL_DETECTION)
+  if (captive_portal_detection_enabled_)
+    RecordCaptivePortalEventStats(
+        overridable ?
+        CAPTIVE_PORTAL_DETECTION_ENABLED_OVERRIDABLE :
+        CAPTIVE_PORTAL_DETECTION_ENABLED);
+  if (captive_portal_probe_completed_)
+    RecordCaptivePortalEventStats(
+        overridable ?
+        CAPTIVE_PORTAL_PROBE_COMPLETED_OVERRIDABLE :
+        CAPTIVE_PORTAL_PROBE_COMPLETED);
+  // Log only one of portal detected and no response results.
+  if (captive_portal_detected_)
+    RecordCaptivePortalEventStats(
+        overridable ?
+        CAPTIVE_PORTAL_DETECTED_OVERRIDABLE :
+        CAPTIVE_PORTAL_DETECTED);
+  else if (captive_portal_no_response_)
+    RecordCaptivePortalEventStats(
+        overridable ?
+        CAPTIVE_PORTAL_NO_RESPONSE_OVERRIDABLE :
+        CAPTIVE_PORTAL_NO_RESPONSE);
+#endif
 }
 
 base::TimeDelta SSLErrorClassification::TimePassedSinceExpiry() const {
   base::TimeDelta delta = current_time_ - cert_.valid_expiry();
   return delta;
 }
 
 float SSLErrorClassification::CalculateScoreTimePassedSinceExpiry() const {
   base::TimeDelta delta = TimePassedSinceExpiry();
   int64 time_passed = delta.InDays();
   const int64 kHighThreshold = 7;
   const int64 kLowThreshold = 4;
   static const float kHighThresholdWeight = 0.4f;
   static const float kMediumThresholdWeight = 0.3f;
   static const float kLowThresholdWeight = 0.2f;
   if (time_passed >= kHighThreshold)
     return kHighThresholdWeight;
   else if (time_passed >= kLowThreshold)
     return kMediumThresholdWeight;
   else
     return kLowThresholdWeight;
 }
 
+float SSLErrorClassification::CalculateScoreEnvironments() const {

[felt, 2014/07/29 01:47:53]

I'm confused, I still don't see this being invoked anywhere.

[radhikabhar, 2014/07/29 17:56:56]

This function only makes sense for the CERT_COMMON_NAME_INVALID error. So as
soon as my CL lands for the common name errors I will add a call to this
function in the InvalidCommonNameSeverityScore() function.

There are too many dependencies on the other CL's. Maybe I should wait for the
common name CL to land before landing this CL.

+  static const float kWifiWeight = 0.7f;
+  static const float kCellularWeight = 0.7f;
+  static const float kHotspotWeight = 0.2f;
+  static const float kEthernetWeight = 0.7f;
+  static const float kOtherWeight = 0.7f;
+  net::NetworkChangeNotifier::ConnectionType type =
+      net::NetworkChangeNotifier::GetConnectionType();
+  if (type == net::NetworkChangeNotifier::CONNECTION_WIFI)
+    return kWifiWeight;
+  if (type == net::NetworkChangeNotifier::CONNECTION_2G ||
+      type == net::NetworkChangeNotifier::CONNECTION_3G ||
+      type == net::NetworkChangeNotifier::CONNECTION_4G ) {
+    return kCellularWeight;
+  }
+  if (type == net::NetworkChangeNotifier::CONNECTION_ETHERNET)
+    return kEthernetWeight;
+#if defined(ENABLE_CAPTIVE_PORTAL_DETECTION)
+  // Assume if captive portals are detected then the user is connected using a
+  // hot spot.
+  if (captive_portal_probe_completed_ && captive_portal_detected_)
+      return kHotspotWeight;
+#endif
+  return kOtherWeight;
+}
+
 bool SSLErrorClassification::IsUserClockInThePast(base::Time time_now) {
   base::Time build_time = base::GetBuildTime();
   if (time_now < build_time - base::TimeDelta::FromDays(2))
     return true;
   return false;
 }
 
 bool SSLErrorClassification::IsUserClockInTheFuture(base::Time time_now) {
   base::Time build_time = base::GetBuildTime();
   if (time_now > build_time + base::TimeDelta::FromDays(365))
     return true;
   return false;
 }
 
 bool SSLErrorClassification::IsWindowsVersionSP3OrLower() {
 #if defined(OS_WIN)
   const base::win::OSInfo* os_info = base::win::OSInfo::GetInstance();
   base::win::OSInfo::ServicePack service_pack = os_info->service_pack();
   if (os_info->version() < base::win::VERSION_VISTA && service_pack.major < 3)
     return true;
 #endif
   return false;
 }
 
-void SSLErrorClassification::RecordUMAStatistics(bool overridable) {
-  if (IsUserClockInThePast(base::Time::NowFromSystemTime()))
-    RecordSSLInterstitialCause(overridable, CLOCK_PAST);
-  if (IsUserClockInTheFuture(base::Time::NowFromSystemTime()))
-    RecordSSLInterstitialCause(overridable, CLOCK_FUTURE);
+void SSLErrorClassification::Observe(
+    int type,
+    const content::NotificationSource& source,
+    const content::NotificationDetails& details) {
+#if defined(ENABLE_CAPTIVE_PORTAL_DETECTION)
+  // When detection is disabled, captive portal service always sends
+  // RESULT_INTERNET_CONNECTED. Ignore any probe results in that case.
+  if (!captive_portal_detection_enabled_)
+    return;
+  if (type == chrome::NOTIFICATION_CAPTIVE_PORTAL_CHECK_RESULT) {
+    captive_portal_probe_completed_ = true;
+    CaptivePortalService::Results* results =
+        content::Details<CaptivePortalService::Results>(
+            details).ptr();
+    // If a captive portal was detected at any point when the interstitial was
+    // displayed, assume that the interstitial was caused by a captive portal.
+    // Example scenario:
+    // 1- Interstitial displayed and captive portal detected, setting the flag.
+    // 2- Captive portal detection automatically opens portal login page.
+    // 3- User logs in on the portal login page.
+    // A notification will be received here for RESULT_INTERNET_CONNECTED. Make
+    // sure we don't clear the captive protal flag, since the interstitial was
+    // potentially caused by the captive portal.
+    captive_portal_detected_ = captive_portal_detected_ ||
+        (results->result == captive_portal::RESULT_BEHIND_CAPTIVE_PORTAL);
+    // Also keep track of non-HTTP portals and error cases.
+    captive_portal_no_response_ = captive_portal_no_response_ ||
+        (results->result == captive_portal::RESULT_NO_RESPONSE);
+    if (SSLErrorInfo::NetErrorToErrorType(cert_error_) ==
+        SSLErrorInfo::CERT_DATE_INVALID) {
+      InvalidDateSeverityScore();
+    }
+  }
+#endif
 }