| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromecast/shell/browser/cast_content_browser_client.h" | 5 #include "chromecast/shell/browser/cast_content_browser_client.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/files/scoped_file.h" | 8 #include "base/files/scoped_file.h" |
| 9 #include "base/i18n/rtl.h" | 9 #include "base/i18n/rtl.h" |
| 10 #include "base/path_service.h" | 10 #include "base/path_service.h" |
| 11 #include "chromecast/common/cast_paths.h" | 11 #include "chromecast/common/cast_paths.h" |
| 12 #include "chromecast/common/global_descriptors.h" | 12 #include "chromecast/common/global_descriptors.h" |
| 13 #include "chromecast/shell/browser/cast_browser_context.h" | 13 #include "chromecast/shell/browser/cast_browser_context.h" |
| 14 #include "chromecast/shell/browser/cast_browser_main_parts.h" | 14 #include "chromecast/shell/browser/cast_browser_main_parts.h" |
| 15 #include "chromecast/shell/browser/cast_browser_process.h" | 15 #include "chromecast/shell/browser/cast_browser_process.h" |
| 16 #include "chromecast/shell/browser/cast_network_delegate.h" |
| 16 #include "chromecast/shell/browser/devtools/cast_dev_tools_delegate.h" | 17 #include "chromecast/shell/browser/devtools/cast_dev_tools_delegate.h" |
| 17 #include "chromecast/shell/browser/geolocation/cast_access_token_store.h" | 18 #include "chromecast/shell/browser/geolocation/cast_access_token_store.h" |
| 18 #include "chromecast/shell/browser/url_request_context_factory.h" | 19 #include "chromecast/shell/browser/url_request_context_factory.h" |
| 19 #include "content/public/browser/browser_thread.h" | 20 #include "content/public/browser/browser_thread.h" |
| 20 #include "content/public/browser/certificate_request_result_type.h" | 21 #include "content/public/browser/certificate_request_result_type.h" |
| 21 #include "content/public/browser/render_process_host.h" | 22 #include "content/public/browser/render_process_host.h" |
| 22 #include "content/public/common/content_descriptors.h" | 23 #include "content/public/common/content_descriptors.h" |
| 23 #include "content/public/common/content_switches.h" | 24 #include "content/public/common/content_switches.h" |
| 24 #include "content/public/common/url_constants.h" | 25 #include "content/public/common/url_constants.h" |
| 25 #include "content/public/common/web_preferences.h" | 26 #include "content/public/common/web_preferences.h" |
| 27 #include "net/ssl/ssl_cert_request_info.h" |
| 26 | 28 |
| 27 namespace chromecast { | 29 namespace chromecast { |
| 28 namespace shell { | 30 namespace shell { |
| 29 | 31 |
| 30 CastContentBrowserClient::CastContentBrowserClient() | 32 CastContentBrowserClient::CastContentBrowserClient() |
| 31 : url_request_context_factory_(new URLRequestContextFactory()) { | 33 : url_request_context_factory_(new URLRequestContextFactory()) { |
| 32 } | 34 } |
| 33 | 35 |
| 34 CastContentBrowserClient::~CastContentBrowserClient() { | 36 CastContentBrowserClient::~CastContentBrowserClient() { |
| 35 content::BrowserThread::DeleteSoon( | 37 content::BrowserThread::DeleteSoon( |
| (...skipping 91 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 127 bool strict_enforcement, | 129 bool strict_enforcement, |
| 128 bool expired_previous_decision, | 130 bool expired_previous_decision, |
| 129 const base::Callback<void(bool)>& callback, | 131 const base::Callback<void(bool)>& callback, |
| 130 content::CertificateRequestResultType* result) { | 132 content::CertificateRequestResultType* result) { |
| 131 // Allow developers to override certificate errors. | 133 // Allow developers to override certificate errors. |
| 132 // Otherwise, any fatal certificate errors will cause an abort. | 134 // Otherwise, any fatal certificate errors will cause an abort. |
| 133 *result = content::CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL; | 135 *result = content::CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL; |
| 134 return; | 136 return; |
| 135 } | 137 } |
| 136 | 138 |
| 139 void CastContentBrowserClient::SelectClientCertificate( |
| 140 int render_process_id, |
| 141 int render_view_id, |
| 142 const net::HttpNetworkSession* network_session, |
| 143 net::SSLCertRequestInfo* cert_request_info, |
| 144 const base::Callback<void(net::X509Certificate*)>& callback) { |
| 145 GURL requesting_url("https://" + cert_request_info->host_and_port.ToString()); |
| 146 |
| 147 if (!requesting_url.is_valid()) { |
| 148 LOG(ERROR) << "Invalid URL string: " |
| 149 << requesting_url.possibly_invalid_spec(); |
| 150 callback.Run(NULL); |
| 151 return; |
| 152 } |
| 153 |
| 154 // In our case there are no relevant certs in the cert_request_info. The cert |
| 155 // we need to return (if permitted) is the Cast device cert, which we can |
| 156 // access directly through the ClientAuthSigner instance. However, we need to |
| 157 // be on the IO thread to determine whether the app is whitelisted to return |
| 158 // it, because CastNetworkDelegate is bound to the IO thread. |
| 159 // Subsequently, the callback must then itself be performed back here |
| 160 // on the UI thread. |
| 161 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); |
| 162 content::BrowserThread::PostTaskAndReplyWithResult( |
| 163 content::BrowserThread::IO, |
| 164 FROM_HERE, |
| 165 base::Bind( |
| 166 &CastContentBrowserClient::SelectClientCertificateOnIOThread, |
| 167 base::Unretained(this), |
| 168 requesting_url), |
| 169 callback); |
| 170 } |
| 171 |
| 172 net::X509Certificate* |
| 173 CastContentBrowserClient::SelectClientCertificateOnIOThread( |
| 174 GURL requesting_url) { |
| 175 DCHECK_CURRENTLY_ON(content::BrowserThread::IO); |
| 176 CastNetworkDelegate* network_delegate = |
| 177 url_request_context_factory_->app_network_delegate(); |
| 178 if (network_delegate->IsWhitelisted(requesting_url, false)) { |
| 179 return CastNetworkDelegate::DeviceCert(); |
| 180 } else { |
| 181 LOG(ERROR) << "Invalid host for client certificate request: " |
| 182 << requesting_url.host(); |
| 183 return NULL; |
| 184 } |
| 185 } |
| 186 |
| 137 bool CastContentBrowserClient::CanCreateWindow( | 187 bool CastContentBrowserClient::CanCreateWindow( |
| 138 const GURL& opener_url, | 188 const GURL& opener_url, |
| 139 const GURL& opener_top_level_frame_url, | 189 const GURL& opener_top_level_frame_url, |
| 140 const GURL& source_origin, | 190 const GURL& source_origin, |
| 141 WindowContainerType container_type, | 191 WindowContainerType container_type, |
| 142 const GURL& target_url, | 192 const GURL& target_url, |
| 143 const content::Referrer& referrer, | 193 const content::Referrer& referrer, |
| 144 WindowOpenDisposition disposition, | 194 WindowOpenDisposition disposition, |
| 145 const blink::WebWindowFeatures& features, | 195 const blink::WebWindowFeatures& features, |
| 146 bool user_gesture, | 196 bool user_gesture, |
| (...skipping 25 matching lines...) Expand all Loading... |
| 172 << "cast_shell.pak"; | 222 << "cast_shell.pak"; |
| 173 } | 223 } |
| 174 mappings->Transfer( | 224 mappings->Transfer( |
| 175 kAndroidPakDescriptor, | 225 kAndroidPakDescriptor, |
| 176 base::ScopedFD(pak_with_flags.TakePlatformFile())); | 226 base::ScopedFD(pak_with_flags.TakePlatformFile())); |
| 177 #endif // defined(OS_ANDROID) | 227 #endif // defined(OS_ANDROID) |
| 178 } | 228 } |
| 179 | 229 |
| 180 } // namespace shell | 230 } // namespace shell |
| 181 } // namespace chromecast | 231 } // namespace chromecast |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 618863002:
Chromecast: device identification for whitelisted apps and servers. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master