File: safe_browsing_api_handler_bridge.h

package info (click to toggle)
chromium 139.0.7258.127-1
  • links: PTS, VCS
  • area: main
  • in suites:
  • size: 6,122,068 kB
  • sloc: cpp: 35,100,771; ansic: 7,163,530; javascript: 4,103,002; python: 1,436,920; asm: 946,517; xml: 746,709; pascal: 187,653; perl: 88,691; sh: 88,436; objc: 79,953; sql: 51,488; cs: 44,583; fortran: 24,137; makefile: 22,147; tcl: 15,277; php: 13,980; yacc: 8,984; ruby: 7,485; awk: 3,720; lisp: 3,096; lex: 1,327; ada: 727; jsp: 228; sed: 36
file content (163 lines) | stat: -rw-r--r-- 6,403 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
 
// Copyright 2016 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
//
// Glue to pass Safe Browsing API requests between Chrome and GMSCore.

#ifndef COMPONENTS_SAFE_BROWSING_ANDROID_SAFE_BROWSING_API_HANDLER_BRIDGE_H_
#define COMPONENTS_SAFE_BROWSING_ANDROID_SAFE_BROWSING_API_HANDLER_BRIDGE_H_

#include <jni.h>

#include "base/android/jni_android.h"
#include "base/callback_list.h"
#include "base/functional/callback.h"
#include "base/memory/raw_ptr.h"
#include "components/safe_browsing/android/safe_browsing_api_handler_util.h"
#include "components/safe_browsing/core/browser/db/v4_protocol_manager_util.h"

class GURL;

namespace safe_browsing {

class UrlCheckInterceptor;
struct ThreatMetadata;

class SafeBrowsingApiHandlerBridge {
 public:
  using ResponseCallback =
      base::OnceCallback<void(SBThreatType, const ThreatMetadata&)>;
  using VerifyAppsResponseCallback =
      base::OnceCallback<void(VerifyAppsEnabledResult)>;
  using GetSafetyNetIdResponseCallback =
      base::OnceCallback<void(const std::string&)>;

  SafeBrowsingApiHandlerBridge();

  ~SafeBrowsingApiHandlerBridge();

  SafeBrowsingApiHandlerBridge(const SafeBrowsingApiHandlerBridge&) = delete;
  SafeBrowsingApiHandlerBridge& operator=(const SafeBrowsingApiHandlerBridge&) =
      delete;

  // Returns a reference to the singleton.
  static SafeBrowsingApiHandlerBridge& GetInstance();

  // Clear any URLs retained from the command-line.
  void ClearArtificialDatabase();

  // Populates any URLs specified at the command-line.
  void PopulateArtificialDatabase();

  // Makes Native-to-Java call to perform the hash-prefix database check.
  void StartHashDatabaseUrlCheck(ResponseCallback callback,
                                 const GURL& url,
                                 const SBThreatTypeSet& threat_types);

  // Makes Native-to-Java call to perform the privacy-preserving hash real-time
  // check.
  void StartHashRealTimeUrlCheck(ResponseCallback callback,
                                 const GURL& url,
                                 const SBThreatTypeSet& threat_types);

  // Check whether `url` matches a local allowlist.
  bool StartCSDAllowlistCheck(const GURL& url);
  bool StartCSDDownloadAllowlistCheck(const GURL& url);

  // Query whether app verification is enabled. Will run `callback` with
  // the result of the query.
  void StartIsVerifyAppsEnabled(VerifyAppsResponseCallback callback);

  // Prompt the user to enable app verification. Will run `callback`
  // with the result of the query.
  void StartEnableVerifyApps(VerifyAppsResponseCallback callback);

  // Get the SafetyNet ID for the device. Will run `callback` with the result
  // of the query or a cached result, or an empty string if unsuccessful.
  void StartGetSafetyNetId(GetSafetyNetIdResponseCallback callback);

  // Called when a non-recoverable failure is encountered from SafeBrowsing API.
  void OnSafeBrowsingApiNonRecoverableFailure();

  void SetInterceptorForTesting(UrlCheckInterceptor* interceptor) {
    interceptor_for_testing_ = interceptor;
  }

  void ResetSafeBrowsingApiAvailableForTesting() {
    is_safe_browsing_api_available_ = true;
  }

  void SetVerifyAppsEnableResultForTesting(VerifyAppsEnabledResult result) {
    verify_apps_enabled_for_testing_ = result;
  }

  // Resets the cached value and callback subscriptions list.
  void ResetSafetyNetIdForTesting();

  std::optional<std::string> GetCachedSafetyNetIdForTesting() const {
    return safety_net_id_;
  }

 private:
  // Makes Native-to-Java call to check the URL through GMSCore SafeBrowsing
  // API.
  void StartUrlCheckBySafeBrowsing(ResponseCallback callback,
                                   const GURL& url,
                                   const SBThreatTypeSet& threat_types,
                                   const SafeBrowsingJavaProtocol& protocol);

  // Stores the `result` of a call to get the SafetyNet ID from Java, including
  // an empty result which indicates non-recoverable error.
  void CacheSafetyNetId(const std::string& result);

  // Used as a key to identify unique requests sent to Java to get Safe Browsing
  // reputation from GmsCore SafeBrowsing API.
  jlong next_safe_browsing_callback_id_ = 0;

  // Used as a key to identify unique requests sent to Java related to
  // SafetyNet app verification.
  jlong next_verify_apps_callback_id_ = 0;

  // Whether SafeBrowsing API is available. Set to false if previous call to
  // SafeBrowsing API has encountered a non-recoverable failure. If set to
  // false, future calls to SafeBrowsing API will return safe immediately.
  // Once set to false, it will remain false until browser restarts.
  bool is_safe_browsing_api_available_ = true;

  // Cached SafetyNet ID. The SafetyNet ID for the device does not change, so
  // once it is obtained from Java, it is cached here for any future calls to
  // StartGetSafetyNetId(). An empty value may be cached here, which indicates
  // an error that is not likely recoverable during this process lifetime. Note
  // that a non-empty value may still be an incorrect/default value.
  std::optional<std::string> safety_net_id_ = std::nullopt;

  // Callback subscriptions to enable cancelling any pending
  // GetSafetyNetIdResponseCallbacks when destroying `this`. This should not
  // grow unboundedly, because the first invocation of getSafetyNetId() that
  // returns a non-empty value should cache the value and subsequent calls will
  // not add a callback to this list.
  std::vector<base::CallbackListSubscription>
      pending_get_safety_net_id_callbacks_;

  raw_ptr<UrlCheckInterceptor> interceptor_for_testing_ = nullptr;

  std::optional<VerifyAppsEnabledResult> verify_apps_enabled_for_testing_ =
      std::nullopt;

  // Set of URLs specified at the command-line to be enforced on as phishing.
  std::set<GURL> artificially_marked_phishing_urls_;
};

// Interface allowing simplified interception of calls to
// SafeBrowsingApiHandlerBridge. Intended for use only in tests.
class UrlCheckInterceptor {
 public:
  virtual ~UrlCheckInterceptor() = default;
  virtual void CheckBySafeBrowsing(
      SafeBrowsingApiHandlerBridge::ResponseCallback callback,
      const GURL& url) = 0;
};

}  // namespace safe_browsing

#endif  // COMPONENTS_SAFE_BROWSING_ANDROID_SAFE_BROWSING_API_HANDLER_BRIDGE_H_