Cancel client auth requests when not promptable.

content/browser/ssl/ssl_client_auth_handler.h

Index: content/browser/ssl/ssl_client_auth_handler.h
diff --git a/content/browser/ssl/ssl_client_auth_handler.h b/content/browser/ssl/ssl_client_auth_handler.h
index 75976877a3cecbb9642726379eadb1bb92d5a538..485c8c00a62ad385a58ccac862e94d5fd13cab1d 100644
--- a/content/browser/ssl/ssl_client_auth_handler.h
+++ b/content/browser/ssl/ssl_client_auth_handler.h
@@ -23,30 +23,46 @@ namespace content {
 // This class handles the approval and selection of a certificate for SSL client
 // authentication by the user. Should only be used on the IO thread. If the
 // SSLClientAuthHandler is destroyed before the certificate is selected, the
-// selection is canceled and the callback never called.
+// selection is canceled and the delegate never called.
 class SSLClientAuthHandler {
  public:
-  using CertificateCallback = base::Callback<void(net::X509Certificate*)>;
+  // Delegate interface for SSLClientAuthHandler. Method implementations may
+  // delete the handler when called.
+  class Delegate {
+   public:
+    // Called to continue the request with |cert|. |cert| may be nullptr.
+    virtual void ContinueWithCertificate(net::X509Certificate* cert) = 0;
+
+    // Called to cancel the certificate selection and abort the request.
+    virtual void CancelCertificateSelection() = 0;
+  };

[pneubeck (no reviews), 2015/02/14 10:53:02]

nit:

private:
  DISALLOW_ASSIGN(...);

to through a compile-error instead of silently doing a no-op in case of:
  Delegate* a = ...;
  Delegate *b = ...;
  *a = *b;

[davidben, 2015/02/18 22:31:45]

Done.

 
   SSLClientAuthHandler(scoped_ptr<net::ClientCertStore> client_cert_store,
                        net::URLRequest* request,
                        net::SSLCertRequestInfo* cert_request_info,
-                       const CertificateCallback& callback);
+                       Delegate* delegate);
   ~SSLClientAuthHandler();
 
   // Selects a certificate and resumes the URL request with that certificate.
   void SelectCertificate();
 
+  // Called to continue the request associated with |handler| using |cert|. This
+  // is static to avoid deleting |handler| while it is on the stack.
+  static void ContinueWithCertificate(
+      const base::WeakPtr<SSLClientAuthHandler>& handler,
+      net::X509Certificate* cert);
+
+  // Called to abort the request associated with |handler|. This is static to
+  // avoid deleting |handler| while it is on the stack.
+  static void CancelCertificateSelection(
+      const base::WeakPtr<SSLClientAuthHandler>& handler);
+
  private:
   class Core;
 
   // Called when |core_| is done retrieving the cert list.
   void DidGetClientCerts();
 
-  // Called when the user has selected a cert. If the user chose to continue
-  // with no certificate, |cert| is NULL.
-  void CertificateSelected(net::X509Certificate* cert);
-
   // A reference-counted core so the ClientCertStore may outlive
   // SSLClientAuthHandler if the handler is destroyed while an operation on the
   // ClientCertStore is in progress.
@@ -58,8 +74,9 @@ class SSLClientAuthHandler {
   // The certs to choose from.
   scoped_refptr<net::SSLCertRequestInfo> cert_request_info_;
 
-  // The callback to call when the certificate is selected.
-  CertificateCallback callback_;
+  // The delegate to call back with the result. The caller ensures the delegate
+  // does not outlive SSLClientAuthHandler.

[pneubeck (no reviews), 2015/02/14 10:53:02]

This documented lifetime is... surprising? Did you mean '... does outlive
SSLClientAuthHandler'?

[davidben, 2015/02/18 22:31:45]

Yeah, typo. Fixed and moved to the ctor since this guarantee is part of public
API.

+  Delegate* delegate_;
 
   base::WeakPtrFactory<SSLClientAuthHandler> weak_factory_;