Chromium Code Reviews Chromium Code Reviews
Issue 927293002:
platformKeys: Hook up the certificate selection dialog to selectClientCertificates. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@cert_perms| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_SERVICE_H_ | 5 #ifndef CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_SERVICE_H_ |
| 6 #define CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_SERVICE_H_ | 6 #define CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_SERVICE_H_ |
| 7 | 7 |
| 8 #include <queue> | 8 #include <queue> |
| 9 #include <string> | 9 #include <string> |
| 10 #include <vector> | 10 #include <vector> |
| 11 | 11 |
| 12 #include "base/callback_forward.h" | 12 #include "base/callback_forward.h" |
| 13 #include "base/macros.h" | 13 #include "base/macros.h" |
| 14 #include "base/memory/linked_ptr.h" | 14 #include "base/memory/linked_ptr.h" |
| 15 #include "base/memory/scoped_ptr.h" | 15 #include "base/memory/scoped_ptr.h" |
| 16 #include "base/memory/weak_ptr.h" | 16 #include "base/memory/weak_ptr.h" |
| 17 #include "chrome/browser/chromeos/platform_keys/platform_keys.h" | 17 #include "chrome/browser/chromeos/platform_keys/platform_keys.h" |
| 18 #include "components/keyed_service/core/keyed_service.h" | 18 #include "components/keyed_service/core/keyed_service.h" |
| 19 | 19 |
| 20 namespace content { | 20 namespace content { |
| 21 class BrowserContext; | 21 class BrowserContext; |
| 22 class WebContents; | |
| 22 } | 23 } |
| 23 | 24 |
| 24 namespace base { | 25 namespace base { |
| 25 class ListValue; | 26 class ListValue; |
| 26 class Value; | 27 class Value; |
| 27 } | 28 } |
| 28 | 29 |
| 29 namespace extensions { | 30 namespace extensions { |
| 30 class StateStore; | 31 class StateStore; |
| 31 } | 32 } |
| 32 | 33 |
| 33 namespace net { | 34 namespace net { |
| 34 class X509Certificate; | 35 class X509Certificate; |
| 35 typedef std::vector<scoped_refptr<X509Certificate>> CertificateList; | 36 typedef std::vector<scoped_refptr<X509Certificate>> CertificateList; |
| 36 } | 37 } |
| 37 | 38 |
| 38 namespace chromeos { | 39 namespace chromeos { |
| 39 | 40 |
| 40 class PlatformKeysService : public KeyedService { | 41 class PlatformKeysService : public KeyedService { |
| 41 public: | 42 public: |
| 42 struct KeyEntry; | 43 struct KeyEntry; |
| 43 using KeyEntries = std::vector<KeyEntry>; | 44 using KeyEntries = std::vector<KeyEntry>; |
| 44 | 45 |
| 45 // The SelectDelegate is used to select a single certificate from all | 46 // The SelectDelegate is used to select a single certificate from all |
| 46 // certificates matching a request (see SelectClientCertificates). E.g. this | 47 // certificates matching a request (see SelectClientCertificates). E.g. this |
| 47 // can happen by exposing UI to let the user select. | 48 // can happen by exposing UI to let the user select. |
| 48 class SelectDelegate { | 49 class SelectDelegate { |
| 49 public: | 50 public: |
| 50 // TODO(pneubeck): Handle if the selection was aborted, e.g. by the user. | 51 using CertificateSelectedCallback = base::Callback<void( |
| 51 using CertificateSelectedCallback = | 52 const scoped_refptr<net::X509Certificate>& selection)>; |
| 52 base::Callback<void(scoped_refptr<net::X509Certificate> selection)>; | |
| 53 | 53 |
| 54 SelectDelegate(); | 54 SelectDelegate(); |
| 55 virtual ~SelectDelegate(); | 55 virtual ~SelectDelegate(); |
| 56 | 56 |
| 57 // Called on an interactive SelectClientCertificates call with the list of | 57 // Called on an interactive SelectClientCertificates call with the list of |
| 58 // matching certificates, |certs|. | 58 // matching certificates, |certs|. |
| 59 // The certificate passed to |callback| will be forwarded to the | 59 // The certificate passed to |callback| will be forwarded to the |
| 60 // calling extension and the extension will get unlimited sign permission | 60 // calling extension and the extension will get unlimited sign permission |
| 61 // for this cert. By passing null to |callback|, no cert will be selected. | 61 // for this cert. By passing null to |callback|, no cert will be selected. |
| 62 // Must eventually call |callback| or be destructed. |callback| must not be | 62 // Must eventually call |callback| or be destructed. |callback| must not be |
| 63 // called after this delegate is destructed. | 63 // called after this delegate is destructed. |
| 64 virtual void Select(const std::string& extension_id, | 64 virtual void Select(const std::string& extension_id, |
| 65 const net::CertificateList& certs, | 65 const net::CertificateList& certs, |
| 66 const CertificateSelectedCallback& callback) = 0; | 66 const CertificateSelectedCallback& callback, |
| 67 content::WebContents* web_contents, | |
|
bartfab (slow)
2015/02/19 18:55:42
Nit: Document that |web_contents| will not be a nu
pneubeck (no reviews)
2015/02/19 21:51:40
Done.
| |
| 68 content::BrowserContext* context) = 0; | |
| 67 | 69 |
| 68 private: | 70 private: |
| 69 DISALLOW_ASSIGN(SelectDelegate); | 71 DISALLOW_ASSIGN(SelectDelegate); |
| 70 }; | 72 }; |
| 71 | 73 |
| 72 // Stores registration information in |state_store|, i.e. for each extension | 74 // Stores registration information in |state_store|, i.e. for each extension |
| 73 // the list of public keys that are valid to be used for signing. Each key can | 75 // the list of public keys that are valid to be used for signing. Each key can |
| 74 // be used for signing at most once. | 76 // be used for signing at most once. |
| 75 // The format written to |state_store| is: | 77 // The format written to |state_store| is: |
| 76 // kStateStorePlatformKeys maps to a list of strings. | 78 // kStateStorePlatformKeys maps to a list of strings. |
| (...skipping 85 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 162 // SelectDelegate is used to select a single certificate from these matches | 164 // SelectDelegate is used to select a single certificate from these matches |
| 163 // which will the extension will also be granted access to. 3) only | 165 // which will the extension will also be granted access to. 3) only |
| 164 // certificates, that the extension has unlimited sign permission for, will be | 166 // certificates, that the extension has unlimited sign permission for, will be |
| 165 // returned. | 167 // returned. |
| 166 // |callback| will be invoked with these certificates or an error message. | 168 // |callback| will be invoked with these certificates or an error message. |
| 167 // Will only call back during the lifetime of this object. | 169 // Will only call back during the lifetime of this object. |
| 168 void SelectClientCertificates( | 170 void SelectClientCertificates( |
| 169 const platform_keys::ClientCertificateRequest& request, | 171 const platform_keys::ClientCertificateRequest& request, |
| 170 bool interactive, | 172 bool interactive, |
| 171 const std::string& extension_id, | 173 const std::string& extension_id, |
| 172 const SelectCertificatesCallback& callback); | 174 const SelectCertificatesCallback& callback, |
| 175 content::WebContents* web_contents); | |
|
bartfab (slow)
2015/02/19 18:55:42
Nit: Document that |web_contents| must not be a nu
pneubeck (no reviews)
2015/02/19 21:51:40
Done.
| |
| 173 | 176 |
| 174 private: | 177 private: |
| 175 using GetPlatformKeysCallback = | 178 using GetPlatformKeysCallback = |
| 176 base::Callback<void(scoped_ptr<KeyEntries> platform_keys)>; | 179 base::Callback<void(scoped_ptr<KeyEntries> platform_keys)>; |
| 177 | 180 |
| 178 enum SignPermission { ONCE, UNLIMITED }; | 181 enum SignPermission { ONCE, UNLIMITED }; |
| 179 | 182 |
| 180 class PermissionUpdateTask; | 183 class PermissionUpdateTask; |
| 181 class SelectTask; | 184 class SelectTask; |
| 182 class SignTask; | 185 class SignTask; |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 234 scoped_ptr<SelectDelegate> select_delegate_; | 237 scoped_ptr<SelectDelegate> select_delegate_; |
| 235 std::queue<linked_ptr<Task>> tasks_; | 238 std::queue<linked_ptr<Task>> tasks_; |
| 236 base::WeakPtrFactory<PlatformKeysService> weak_factory_; | 239 base::WeakPtrFactory<PlatformKeysService> weak_factory_; |
| 237 | 240 |
| 238 DISALLOW_COPY_AND_ASSIGN(PlatformKeysService); | 241 DISALLOW_COPY_AND_ASSIGN(PlatformKeysService); |
| 239 }; | 242 }; |
| 240 | 243 |
| 241 } // namespace chromeos | 244 } // namespace chromeos |
| 242 | 245 |
| 243 #endif // CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_SERVICE_H_ | 246 #endif // CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_SERVICE_H_ |
| OLD | NEW |
