Added utility functions related to working with "facets".

components/password_manager/core/browser/affiliation_utils.h

Index: components/password_manager/core/browser/affiliation_utils.h
diff --git a/components/password_manager/core/browser/affiliation_utils.h b/components/password_manager/core/browser/affiliation_utils.h
new file mode 100644
index 0000000000000000000000000000000000000000..38ab24eba1fcef7569cfa6e35a918a74e59e13ea
--- /dev/null
+++ b/components/password_manager/core/browser/affiliation_utils.h
@@ -0,0 +1,136 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// This file contains utilities related to working with "facets".
+//
+// A "facet" is defined as the manifestation of a logical application on a given
+// platform. For example, "My Bank" may have released an Android application
+// and a Web application accessible from a browser. These are all facets of the
+// "My Bank" logical application.
+//
+// Facets that belong to the same logical application are said to be affiliated
+// with each other. Conceptually, "affiliations" can be seen as an equivalence
+// relation defined over the set of all facets. Each equivalence class contains
+// facets that belong to the same logical application, and therefore should be
+// treated as synonymous for certain purposes, e.g., sharing credentials.
+//
+// A valid facet identifier will be a URI of the form:
+//
+//   * https://<host>[:<port>]
+//
+//      For web sites. Only HTTPS sites are supported. The syntax corresponds to
+//      that of 'serialized-origin' in RFC 6454. That is, in canonical form, the
+//      URI must not contain components other than the scheme (required, must be
+//      "https"), host (required), and port (optional); with canonicalization
+//      performed the same way as it normally would be for standard URLs.
+//
+//   * android://<certificate_hash>@<package_name>
+//
+//      For Android applications. In canonical form, the URI must not contain
+//      components other than the scheme (must be "android"), username, and host
+//      (all required). The host part must be a valid Android package name, with
+//      no escaping, so it must be composed of characters [a-zA-Z0-9_.].
+//
+//      The username part must be the hash of the certificate used to sign the
+//      APK, base64-encoded using padding and the "URL and filename safe" base64
+//      alphabet, with no further escaping. This is normally calculated as:
+//
+//        echo -n -e "$PEM_KEY" |
+//          openssl x509 -outform DER |
+//          openssl sha -sha512 -binary | base64 | tr '+/' '-_'
+//
+
+#ifndef COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_AFFILIATION_UTILS_H_
+#define COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_AFFILIATION_UTILS_H_
+
+#include <string>
+#include <vector>
+
+#include "base/logging.h"
+
+namespace password_manager {
+
+// Encapsulates a facet URI in canonical form.
+//
+// This is a very light-weight wrapper around an std::string containing the text
+// of the URI, and can be passed around as a value. The main rationale for the
+// existance of this class is to make it clearer in the code when a certain URI
+// is known to be a valid facet URI in canonical form, and to allow verifying
+// and converting URIs to such canonical form.
+//
+// Note that it would be impractical to use GURL to represent facet URIs, as
+// GURL has built-in logic to parse the rest of the URI according to its scheme,
+// and obviously, it does not recognize the "android" scheme. Therefore, after
+// parsing, everything ends up in the path component, which is not too helpful.
+class FacetURI {
+ public:
+  FacetURI();
+
+  // As a light-weight std::string wrapper, allow copy and assign.
+  FacetURI(const FacetURI&) = default;
+  FacetURI& operator=(const FacetURI&) = default;
+
+  // Constructs an instance to encapsulate the canonical form of |spec|.
+  // If |spec| is not a valid facet URI, then an invalid instance is returned,
+  // which then should be discarded.
+  static FacetURI FromPotentiallyInvalidSpec(const std::string& spec);
+
+  // Constructs a valid FacetURI instance from a valid |canonical_spec|.
+  // Note: The passed-in URI is not verified at all. Use only when you are sure
+  // the URI is valid and in canonical form.
+  static FacetURI FromCanonicalSpec(const std::string& canonical_spec);
+
+  // Comparison operators so that FacetURI can be used in std::equal.
+  bool operator==(const FacetURI& other) const;
+  bool operator!=(const FacetURI& other) const;
+
+  // Relational operators so that FacetURI can be used in sorted containers.
+  bool operator<(const FacetURI& other) const;
+  bool operator>(const FacetURI& other) const;
+
+  // Returns whether or not this instance represents a valid facet identifier
+  // referring to a Web application.
+  bool IsValidWebFacetURI() const;
+
+  // Returns whether or not this instance represents a valid facet identifier
+  // referring to an Android application.
+  bool IsValidAndroidFacetURI() const;
+
+  // Returns whether or not this instance represents a valid facet identifier
+  // referring to either a Web or an Android application.
+  bool is_valid() const {
+    return is_valid_;
+  }
+
+  // Returns the text of the encapsulated canonical URI, which must be valid.
+  const std::string& canonical_spec() const {
+    DCHECK(is_valid_);
+    return canonical_spec_;
+  }
+
+ private:
+  // Internal constructor to be used by the static factory methods.
+  FacetURI(const std::string& canonical_spec, bool is_valid);
+
+  // Whether |canonical_spec_| contains a valid facet URI in canonical form.
+  bool is_valid_;
+
+  // The text of the encapsulated canonical URI, valid if and only if
+  // |is_valid_| is true.
+  std::string canonical_spec_;
+};
+
+// A collection of facets affiliated with each other, i.e. an equivalence class.
+typedef std::vector<FacetURI> AffiliatedFacets;
+
+// Returns whether or not equivalence classes |a| and |b| are equal, that is,
+// whether or not they consist of the same set of facets.
+//
+// Note that this will do some sorting, so it can be expensive for large inputs.
+bool AreEquivalenceClassesEqual(const AffiliatedFacets& a,
+                                const AffiliatedFacets& b);
+
+}  // namespace password_manager
+
+#endif  // COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_AFFILIATION_UTILS_H_