| Index: chrome/browser/chromeos/platform_keys/platform_keys_service_factory.cc
|
| diff --git a/chrome/browser/chromeos/platform_keys/platform_keys_service_factory.cc b/chrome/browser/chromeos/platform_keys/platform_keys_service_factory.cc
|
| index 8394c2f38f3cb6b15587ac8798775389760d9eed..56521569cca64d517cc0a0fd4472be830f1e3e8c 100644
|
| --- a/chrome/browser/chromeos/platform_keys/platform_keys_service_factory.cc
|
| +++ b/chrome/browser/chromeos/platform_keys/platform_keys_service_factory.cc
|
| @@ -4,14 +4,87 @@
|
|
|
| #include "chrome/browser/chromeos/platform_keys/platform_keys_service_factory.h"
|
|
|
| +#include "base/bind.h"
|
| +#include "base/callback.h"
|
| #include "base/logging.h"
|
| +#include "base/memory/ref_counted.h"
|
| +#include "base/memory/scoped_ptr.h"
|
| #include "base/memory/singleton.h"
|
| +#include "base/memory/weak_ptr.h"
|
| #include "chrome/browser/chromeos/platform_keys/platform_keys_service.h"
|
| #include "chrome/browser/extensions/extension_system_factory.h"
|
| +#include "chrome/browser/policy/profile_policy_connector.h"
|
| +#include "chrome/browser/policy/profile_policy_connector_factory.h"
|
| #include "chrome/browser/profiles/incognito_helpers.h"
|
| +#include "chrome/browser/ui/platform_keys_certificate_selector_chromeos.h"
|
| #include "components/keyed_service/content/browser_context_dependency_manager.h"
|
| +#include "extensions/browser/extension_registry.h"
|
| +#include "extensions/common/extension.h"
|
| +#include "net/cert/x509_certificate.h"
|
|
|
| namespace chromeos {
|
| +namespace {
|
| +
|
| +// This SelectDelegate always selects no certificate.
|
| +class NoOpSelectDelegate
|
| + : public chromeos::PlatformKeysService::SelectDelegate {
|
| + public:
|
| + NoOpSelectDelegate() {}
|
| +
|
| + void Select(const std::string& extension_id,
|
| + const net::CertificateList& certs,
|
| + const CertificateSelectedCallback& callback,
|
| + content::WebContents* web_contents,
|
| + content::BrowserContext* context) override {
|
| + callback.Run(nullptr);
|
| + }
|
| +
|
| + private:
|
| + DISALLOW_COPY_AND_ASSIGN(NoOpSelectDelegate);
|
| +};
|
| +
|
| +// This delegate selects a certificate by showing the certificate selection
|
| +// dialog to the user.
|
| +class DefaultSelectDelegate
|
| + : public chromeos::PlatformKeysService::SelectDelegate {
|
| + public:
|
| + DefaultSelectDelegate() : weak_factory_(this) {}
|
| + ~DefaultSelectDelegate() override {}
|
| +
|
| + void Select(const std::string& extension_id,
|
| + const net::CertificateList& certs,
|
| + const CertificateSelectedCallback& callback,
|
| + content::WebContents* web_contents,
|
| + content::BrowserContext* context) override {
|
| + CHECK(web_contents);
|
| + const extensions::Extension* const extension =
|
| + extensions::ExtensionRegistry::Get(context)->GetExtensionById(
|
| + extension_id, extensions::ExtensionRegistry::ENABLED);
|
| + if (!extension) {
|
| + callback.Run(nullptr /* no certificate selected */);
|
| + return;
|
| + }
|
| + ShowPlatformKeysCertificateSelector(
|
| + web_contents, extension->short_name(), certs,
|
| + // Don't call |callback| once this delegate is destructed, thus use a
|
| + // WeakPtr.
|
| + base::Bind(&DefaultSelectDelegate::SelectedCertificate,
|
| + weak_factory_.GetWeakPtr(), callback));
|
| + }
|
| +
|
| + void SelectedCertificate(
|
| + const CertificateSelectedCallback& callback,
|
| + const scoped_refptr<net::X509Certificate>& selected_cert) {
|
| + callback.Run(selected_cert);
|
| + }
|
| +
|
| + private:
|
| + base::WeakPtrFactory<DefaultSelectDelegate> weak_factory_;
|
| +
|
| + DISALLOW_COPY_AND_ASSIGN(DefaultSelectDelegate);
|
| +};
|
| +
|
| +} // namespace
|
|
|
| // static
|
| PlatformKeysService* PlatformKeysServiceFactory::GetForBrowserContext(
|
| @@ -42,10 +115,23 @@ content::BrowserContext* PlatformKeysServiceFactory::GetBrowserContextToUse(
|
|
|
| KeyedService* PlatformKeysServiceFactory::BuildServiceInstanceFor(
|
| content::BrowserContext* context) const {
|
| - extensions::StateStore* store =
|
| + extensions::StateStore* const store =
|
| extensions::ExtensionSystem::Get(context)->state_store();
|
| DCHECK(store);
|
| - return new PlatformKeysService(context, store);
|
| + PlatformKeysService* const service = new PlatformKeysService(context, store);
|
| +
|
| + policy::ProfilePolicyConnector* const connector =
|
| + policy::ProfilePolicyConnectorFactory::GetForBrowserContext(context);
|
| + // Only allow the user to grant certificate permissions to extensions if the
|
| + // user is not managed by policy. Otherwise the user might leak access to
|
| + // (private keys of) certificates against the intentions of the administrator.
|
| + // TODO(pneubeck): Remove this once the respective policy is implemented.
|
| + // https://crbug.com/460232
|
| + if (connector->IsManaged())
|
| + service->SetSelectDelegate(make_scoped_ptr(new NoOpSelectDelegate()));
|
| + else
|
| + service->SetSelectDelegate(make_scoped_ptr(new DefaultSelectDelegate()));
|
| + return service;
|
| }
|
|
|
| } // namespace chromeos
|
|
|
Chromium Code Reviews
Issue 927293002:
platformKeys: Hook up the certificate selection dialog to selectClientCertificates. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@cert_perms