Chromium Code Reviews Chromium Code Reviews
Issue 618863002:
Chromecast: device identification for whitelisted apps and servers. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromecast/shell/browser/cast_content_browser_client.h" | 5 #include "chromecast/shell/browser/cast_content_browser_client.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/i18n/rtl.h" | 8 #include "base/i18n/rtl.h" |
| 9 #include "base/path_service.h" | 9 #include "base/path_service.h" |
| 10 #include "chromecast/common/cast_paths.h" | 10 #include "chromecast/common/cast_paths.h" |
| 11 #include "chromecast/common/global_descriptors.h" | 11 #include "chromecast/common/global_descriptors.h" |
| 12 #include "chromecast/shell/browser/cast_browser_context.h" | 12 #include "chromecast/shell/browser/cast_browser_context.h" |
| 13 #include "chromecast/shell/browser/cast_browser_main_parts.h" | 13 #include "chromecast/shell/browser/cast_browser_main_parts.h" |
| 14 #include "chromecast/shell/browser/cast_browser_process.h" | 14 #include "chromecast/shell/browser/cast_browser_process.h" |
| 15 #include "chromecast/shell/browser/cast_network_delegate.h" | |
| 15 #include "chromecast/shell/browser/devtools/cast_dev_tools_delegate.h" | 16 #include "chromecast/shell/browser/devtools/cast_dev_tools_delegate.h" |
| 16 #include "chromecast/shell/browser/geolocation/cast_access_token_store.h" | 17 #include "chromecast/shell/browser/geolocation/cast_access_token_store.h" |
| 17 #include "chromecast/shell/browser/url_request_context_factory.h" | 18 #include "chromecast/shell/browser/url_request_context_factory.h" |
| 18 #include "content/public/browser/browser_thread.h" | 19 #include "content/public/browser/browser_thread.h" |
| 19 #include "content/public/browser/certificate_request_result_type.h" | 20 #include "content/public/browser/certificate_request_result_type.h" |
| 20 #include "content/public/browser/file_descriptor_info.h" | 21 #include "content/public/browser/file_descriptor_info.h" |
| 21 #include "content/public/browser/render_process_host.h" | 22 #include "content/public/browser/render_process_host.h" |
| 22 #include "content/public/common/content_descriptors.h" | 23 #include "content/public/common/content_descriptors.h" |
| 23 #include "content/public/common/content_switches.h" | 24 #include "content/public/common/content_switches.h" |
| 24 #include "content/public/common/url_constants.h" | 25 #include "content/public/common/url_constants.h" |
| 25 #include "content/public/common/web_preferences.h" | 26 #include "content/public/common/web_preferences.h" |
| 27 #include "net/ssl/ssl_cert_request_info.h" | |
| 26 | 28 |
| 27 namespace chromecast { | 29 namespace chromecast { |
| 28 namespace shell { | 30 namespace shell { |
| 29 | 31 |
| 30 CastContentBrowserClient::CastContentBrowserClient() | 32 CastContentBrowserClient::CastContentBrowserClient() |
| 31 : url_request_context_factory_(new URLRequestContextFactory()) { | 33 : url_request_context_factory_(new URLRequestContextFactory()) { |
| 32 } | 34 } |
| 33 | 35 |
| 34 CastContentBrowserClient::~CastContentBrowserClient() { | 36 CastContentBrowserClient::~CastContentBrowserClient() { |
| 35 content::BrowserThread::DeleteSoon( | 37 content::BrowserThread::DeleteSoon( |
| (...skipping 91 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 127 bool strict_enforcement, | 129 bool strict_enforcement, |
| 128 bool expired_previous_decision, | 130 bool expired_previous_decision, |
| 129 const base::Callback<void(bool)>& callback, | 131 const base::Callback<void(bool)>& callback, |
| 130 content::CertificateRequestResultType* result) { | 132 content::CertificateRequestResultType* result) { |
| 131 // Allow developers to override certificate errors. | 133 // Allow developers to override certificate errors. |
| 132 // Otherwise, any fatal certificate errors will cause an abort. | 134 // Otherwise, any fatal certificate errors will cause an abort. |
| 133 *result = content::CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL; | 135 *result = content::CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL; |
| 134 return; | 136 return; |
| 135 } | 137 } |
| 136 | 138 |
| 139 void CastContentBrowserClient::SelectClientCertificate( | |
| 140 int render_process_id, | |
| 141 int render_view_id, | |
| 142 const net::HttpNetworkSession* network_session, | |
| 143 net::SSLCertRequestInfo* cert_request_info, | |
| 144 const base::Callback<void(net::X509Certificate*)>& callback) { | |
| 145 GURL requesting_url("https://" + cert_request_info->host_and_port.ToString()); | |
| 146 | |
| 147 if (!requesting_url.is_valid()) { | |
| 148 LOG(ERROR) << "Invalid URL string: " | |
| 149 << requesting_url.possibly_invalid_spec(); | |
| 150 callback.Run(NULL); | |
| 151 return; | |
| 152 } | |
| 153 | |
| 154 // In our case there are no relevant certs in the cert_request_info. The cert | |
| 155 // we need to return (if permitted) is the Cast device cert, which we can | |
| 156 // access directly through the ClientAuthSigner instance. However, we need to | |
| 157 // be on the IO thread to determine whether the app is whitelisted to return | |
| 158 // it, because CastNetworkDelegate is bound to the latter thread. | |
|
lcwu1
2014/10/02 19:56:33
s/latter/IO (as there is no mention of a 'former'
gunsch
2014/10/02 20:29:25
Done.
| |
| 159 // Subsequently, the callback must then itself be performed back here | |
| 160 // on the UI thread. | |
| 161 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); | |
| 162 content::BrowserThread::PostTaskAndReplyWithResult( | |
| 163 content::BrowserThread::IO, | |
| 164 FROM_HERE, | |
| 165 base::Bind( | |
| 166 &CastContentBrowserClient::SelectClientCertificateOnIOThread, | |
| 167 base::Unretained(this), | |
| 168 requesting_url), | |
| 169 callback); | |
| 170 } | |
| 171 | |
| 172 net::X509Certificate* | |
| 173 CastContentBrowserClient::SelectClientCertificateOnIOThread( | |
| 174 GURL requesting_url) { | |
| 175 DCHECK_CURRENTLY_ON(content::BrowserThread::IO); | |
| 176 CastNetworkDelegate* network_delegate = | |
| 177 url_request_context_factory_->app_network_delegate(); | |
| 178 if (network_delegate->IsWhitelisted(requesting_url, false)) { | |
| 179 return CastNetworkDelegate::DeviceCert(); | |
| 180 } else { | |
| 181 LOG(ERROR) << "Invalid host for client certificate request: " | |
| 182 << requesting_url.host(); | |
| 183 return NULL; | |
| 184 } | |
| 185 } | |
| 186 | |
| 137 bool CastContentBrowserClient::CanCreateWindow( | 187 bool CastContentBrowserClient::CanCreateWindow( |
| 138 const GURL& opener_url, | 188 const GURL& opener_url, |
| 139 const GURL& opener_top_level_frame_url, | 189 const GURL& opener_top_level_frame_url, |
| 140 const GURL& source_origin, | 190 const GURL& source_origin, |
| 141 WindowContainerType container_type, | 191 WindowContainerType container_type, |
| 142 const GURL& target_url, | 192 const GURL& target_url, |
| 143 const content::Referrer& referrer, | 193 const content::Referrer& referrer, |
| 144 WindowOpenDisposition disposition, | 194 WindowOpenDisposition disposition, |
| 145 const blink::WebWindowFeatures& features, | 195 const blink::WebWindowFeatures& features, |
| 146 bool user_gesture, | 196 bool user_gesture, |
| (...skipping 25 matching lines...) Expand all Loading... | |
| 172 << "cast_shell.pak"; | 222 << "cast_shell.pak"; |
| 173 } | 223 } |
| 174 mappings->push_back(content::FileDescriptorInfo( | 224 mappings->push_back(content::FileDescriptorInfo( |
| 175 kAndroidPakDescriptor, | 225 kAndroidPakDescriptor, |
| 176 base::FileDescriptor(base::File(pak_file, flags)))); | 226 base::FileDescriptor(base::File(pak_file, flags)))); |
| 177 #endif // defined(OS_ANDROID) | 227 #endif // defined(OS_ANDROID) |
| 178 } | 228 } |
| 179 | 229 |
| 180 } // namespace shell | 230 } // namespace shell |
| 181 } // namespace chromecast | 231 } // namespace chromecast |
| OLD | NEW |
