Added utility functions related to working with "facets".

components/password_manager/core/browser/affiliation_utils.h

+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// This file contains utility functions related to working with "facets".
+//
+// A "facet" is defined as the manifestation of a logical application on a given
+// platform. For example, "My Bank" may have released an Android application,
+// and a Web application accessible from a browser. These are all facets of the
+// "My Bank" logical application.
+//
+// Facets that belong to the same logical application are said to be affiliated
+// with each other. Conceptually, "affiliations" can be seen as an equivalence
+// relation defined over the set of all facets. Each equivalence class contains
+// facets that belong to the same logical application, and therefore should be
+// treated as synonymous for certain purposes, e.g., sharing credentials.
+//
+// A valid facet identifier will be of the form:
+//
+//   * https://<host>[:<port>]/
+//      For web sites. Only HTTPS sites are supported, and URI must not contain
+//      components other than the scheme, host, and a port (which is optional).
+//
+//   * android://<cert_hash>@<package_name>/

[Mike West, 2014/12/02 16:33:06]

If we change this to `android://<cert_hash>/<package_name>/`, we could probably
use GURLs rather than strings in most places. It also might make marginally more
semantic sense: the "authority" section of the URL maps more cleanly to the cert
hash than to the package name.

[engedy, 2014/12/02 19:24:55]

I am afraid changing the format is no longer an option.

In either case, sadly, we cannot use GURL, as it tries to be too clever. Based
on the scheme, it parses the rest of the spec differently: when it sees the
"android" scheme, it freaks out, and classifies it as a weird URL alongside
"javascript:" and "data:" URLs, and shoves everything into the 'path' component.
Not too useful.

Given that the android:// scheme is an internal implementation detail, is in no
way standardized to any degree, I could see no justification for letting our
GURL know about it.

So that leaves us with either defining a custom FacetURI type, or just using
std::string and ParseStandardURL. WDYT?

+//      For Android applications. The <cert_hash> is the hash of the certificate
+//      used to sign the APK, normally calculated as:
+//        echo -n -e "$PEM_KEY" | \
+//          openssl x509 -outform DER | \
+//          openssl sha -sha512 -binary | base64 | tr '+/' '-_'
+
+#ifndef COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_AFFILIATION_UTILS_H_
+#define COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_AFFILIATION_UTILS_H_
+
+#include <string>
+#include <vector>
+
+namespace password_manager {
+
+// A collection of facets affiliated with each other, i.e. an equivalence class.
+typedef std::vector<std::string> AffiliatedFacets;
+
+// The scheme used for identifying Android applications.
+extern const char kAndroidAppScheme[];
+
+// Returns whether or not the supplied |uri| is a valid facet identifier.
+bool IsValidFacetURI(const std::string& uri);
+
+// Returns whether or not the supplied |uri| is a valid facet identifier that
+// refers to a web site.
+bool IsValidWebFacetURI(const std::string& uri);
+
+// Returns whether or not the supplied |uri| is a valid facet identifier that
+// refers to an Android app. Note that Chrome currently does not need to parse
+// these URIs, so this function only checks that the expected components are
+// present and will not actually verify their inner format.

[Mike West, 2014/12/02 16:33:06]

Hrm. If you're not parsing these, then claiming that it's "valid" is difficult,
isn't it?

If we could migrate to GURL, this would be simpler, as we could reuse its
parsing logic, and just examine the scheme to determine the facet type.

[engedy, 2014/12/02 19:24:55]

Actually, we are parsing it to the extent where we can decide the facet type and
stuff, just not checking the components too deeply (signature, APK name). I
guess I should clarify the comment.

+bool IsValidAndroidFacetURI(const std::string& uri);
+
+// Returns whether or not equivalence classes |a| and |b| are equal.
+bool AreEquivalenceClassesEqual(const AffiliatedFacets& a,
+                                const AffiliatedFacets& b);
+
+}  // namespace password_manager
+
+#endif  // COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_AFFILIATION_UTILS_H_