1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
|
// Copyright 2020 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef COMPONENTS_PAYMENTS_CONTENT_SECURE_PAYMENT_CONFIRMATION_SERVICE_H_
#define COMPONENTS_PAYMENTS_CONTENT_SECURE_PAYMENT_CONFIRMATION_SERVICE_H_
#include <cstdint>
#include <memory>
#include <optional>
#include <string>
#include <vector>
#include "base/memory/scoped_refptr.h"
#include "base/memory/weak_ptr.h"
#include "components/payments/content/browser_binding/passkey_browser_binder.h"
#include "components/payments/core/secure_payment_confirmation_metrics.h"
#include "components/webdata/common/web_data_service_base.h"
#include "components/webdata/common/web_data_service_consumer.h"
#include "content/public/browser/document_service.h"
#include "content/public/browser/global_routing_id.h"
#include "mojo/public/cpp/bindings/pending_receiver.h"
#include "mojo/public/cpp/bindings/receiver.h"
#include "third_party/blink/public/mojom/payments/secure_payment_confirmation_service.mojom.h"
namespace webauthn {
class InternalAuthenticator;
} // namespace webauthn
namespace payments {
class PaymentManifestWebDataService;
// Implementation of the mojom::SecurePaymentConfirmationService interface,
// which provides SPC-related functionality that is not tied to a specific
// PaymentRequest invocation.
class SecurePaymentConfirmationService
: public content::DocumentService<mojom::SecurePaymentConfirmationService>,
public WebDataServiceConsumer {
public:
SecurePaymentConfirmationService(
content::RenderFrameHost& render_frame_host,
mojo::PendingReceiver<mojom::SecurePaymentConfirmationService> receiver,
scoped_refptr<PaymentManifestWebDataService> web_data_service,
std::unique_ptr<webauthn::InternalAuthenticator> authenticator);
~SecurePaymentConfirmationService() override;
SecurePaymentConfirmationService(const SecurePaymentConfirmationService&) =
delete;
SecurePaymentConfirmationService& operator=(
const SecurePaymentConfirmationService&) = delete;
// mojom::SecurePaymentConfirmationService:
void SecurePaymentConfirmationAvailability(
SecurePaymentConfirmationAvailabilityCallback callback) override;
// mojom::SecurePaymentConfirmationService:
void StorePaymentCredential(const std::vector<uint8_t>& credential_id,
const std::string& rp_id,
const std::vector<uint8_t>& user_id,
StorePaymentCredentialCallback callback) override;
// mojom::SecurePaymentConfirmationService:
void MakePaymentCredential(
blink::mojom::PublicKeyCredentialCreationOptionsPtr options,
MakePaymentCredentialCallback callback) override;
#if BUILDFLAG(IS_ANDROID)
void SetPasskeyBrowserBinderForTesting(
std::unique_ptr<PasskeyBrowserBinder> passkey_browser_binder);
#endif // BUILDFLAG(IS_ANDROID)
private:
// States of the enrollment flow, necessary to ensure correctness with
// round-trips to the renderer process. Methods that perform async
// actions (like StorePaymentCredential) have procedure:
// 1. Validate state.
// 2. Validate parameters.
// 3. Use parameters.
// 4. Update the state.
// 5. Make the async call.
// Methods that perform terminating actions (like OnWebDataServiceRequestDone)
// have procedure:
// 1. Validate state.
// 2. Validate parameters.
// 3. Use parameters.
// 4. Call Reset() to perform cleanup.
// 5. Invoke a mojo callback to the renderer.
// Any method may call Reset() to ensure callbacks are called and return to a
// valid Idle state.
enum class State { kIdle, kStoringCredential };
// WebDataServiceConsumer:
void OnWebDataServiceRequestDone(
WebDataServiceBase::Handle h,
std::unique_ptr<WDTypedResult> result) override;
// MakeCredentialCallback:
void OnAuthenticatorMakeCredential(
SecurePaymentConfirmationService::MakePaymentCredentialCallback callback,
std::string maybe_relying_party,
std::optional<PasskeyBrowserBinder::UnboundKey> browser_bound_key,
::blink::mojom::AuthenticatorStatus authenticator_status,
::blink::mojom::MakeCredentialAuthenticatorResponsePtr response,
::blink::mojom::WebAuthnDOMExceptionDetailsPtr maybe_exception_details);
bool IsCurrentStateValid() const;
void RecordFirstSystemPromptResult(
SecurePaymentConfirmationEnrollSystemPromptResult result);
void Reset();
State state_ = State::kIdle;
scoped_refptr<PaymentManifestWebDataService> web_data_service_;
std::unique_ptr<webauthn::InternalAuthenticator> authenticator_;
std::optional<WebDataServiceBase::Handle> data_service_request_handle_;
StorePaymentCredentialCallback storage_callback_;
std::optional<WebDataServiceBase::Handle>
set_browser_bound_key_request_handle_;
bool is_system_prompt_result_recorded_ = false;
#if BUILDFLAG(IS_ANDROID)
std::unique_ptr<PasskeyBrowserBinder> passkey_browser_binder_;
#endif // BUILDFLAG(IS_ANDROID)
base::WeakPtrFactory<SecurePaymentConfirmationService> weak_ptr_factory_{
this};
};
} // namespace payments
#endif // COMPONENTS_PAYMENTS_CONTENT_SECURE_PAYMENT_CONFIRMATION_SERVICE_H_
|
