1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130
|
// Copyright 2017 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef COMPONENTS_CONTENT_RELATIONSHIP_VERIFICATION_DIGITAL_ASSET_LINKS_HANDLER_H_
#define COMPONENTS_CONTENT_RELATIONSHIP_VERIFICATION_DIGITAL_ASSET_LINKS_HANDLER_H_
#include <map>
#include <optional>
#include <set>
#include <string>
#include "base/functional/callback.h"
#include "base/memory/weak_ptr.h"
#include "services/data_decoder/public/cpp/data_decoder.h"
namespace content {
class WebContents;
} // namespace content
namespace network {
class SharedURLLoaderFactory;
class SimpleURLLoader;
} // namespace network
namespace url {
class Origin;
} // namespace url
namespace content_relationship_verification {
extern const char kDigitalAssetLinksCheckResponseKeyLinked[];
// GENERATED_JAVA_ENUM_PACKAGE: (
// org.chromium.components.content_relationship_verification)
enum class RelationshipCheckResult {
kSuccess = 0,
kFailure,
kNoConnection,
};
using RelationshipCheckResultCallback =
base::OnceCallback<void(RelationshipCheckResult)>;
// A handler class for sending REST API requests to DigitalAssetLinks web
// end point. See
// https://developers.google.com/digital-asset-links/v1/getting-started
// for details of usage and APIs. These APIs are used to verify declared
// relationships between different asset types like web domains or Android apps.
// The lifecycle of this handler will be governed by the owner.
// The WebContents are used for logging console messages.
class DigitalAssetLinksHandler {
public:
// Optionally include |web_contents| for logging error messages to DevTools.
explicit DigitalAssetLinksHandler(
scoped_refptr<network::SharedURLLoaderFactory> factory,
content::WebContents* web_contents = nullptr);
DigitalAssetLinksHandler(const DigitalAssetLinksHandler&) = delete;
DigitalAssetLinksHandler& operator=(const DigitalAssetLinksHandler&) = delete;
~DigitalAssetLinksHandler();
// Checks whether the given "relationship" has been declared by the target
// |web_domain| for the source Android app which is uniquely defined by the
// |package| and SHA256 |fingerprint| (a string with 32 hexadecimals with :
// between) given. Any error in the string params here will result in a bad
// request and a nullptr response to the callback.
//
// See
// https://developers.google.com/digital-asset-links/reference/rest/v1/assetlinks/check
// for details.
bool CheckDigitalAssetLinkRelationshipForAndroidApp(
const url::Origin& web_domain,
const std::string& relationship,
std::vector<std::string> fingerprints,
const std::string& package,
RelationshipCheckResultCallback callback);
// Checks if the asset links for |web_domain| allow pages controlled by
// |manifest_url| to query for WebAPKs generated by |web_domain|.
// TODO(rayankans): Link to the developer blog when published.
bool CheckDigitalAssetLinkRelationshipForWebApk(
const url::Origin& web_domain,
const std::string& manifest_url,
RelationshipCheckResultCallback callback);
private:
// Generic DAL verifier. Checks whether the given |relationship| has been
// declared by the target |web_domain| using the values in |target_values|.
// We require a match for every entry in the |target_values| map, but within
// the entry, we require a match only for one value in the set.
// For example, |target_values| may contain an entry with key="site" and
// values={"https://example1.com", "https://example2.com"}. In order to
// validate, the manifest must have an entry with key="site" with one or more
// of the URLs as the value.
bool CheckDigitalAssetLinkRelationship(
const url::Origin& web_domain,
const std::string& relationship,
std::optional<std::vector<std::string>> fingerprints,
const std::map<std::string, std::set<std::string>>& target_values,
RelationshipCheckResultCallback callback);
void OnURLLoadComplete(
std::unique_ptr<network::SimpleURLLoader> url_loader,
std::string relationship,
std::optional<std::vector<std::string>> fingerprints,
std::map<std::string, std::set<std::string>> target_values,
RelationshipCheckResultCallback callback,
std::unique_ptr<std::string> response_body);
// Callback for the DataDecoder.
void OnJSONParseResult(
std::string relationship,
std::optional<std::vector<std::string>> fingerprints,
std::map<std::string, std::set<std::string>> target_values,
RelationshipCheckResultCallback callback,
data_decoder::DataDecoder::ValueOrError result);
scoped_refptr<network::SharedURLLoaderFactory> shared_url_loader_factory_;
base::WeakPtr<content::WebContents> web_contents_;
base::WeakPtrFactory<DigitalAssetLinksHandler> weak_ptr_factory_{this};
};
} // namespace content_relationship_verification
#endif // COMPONENTS_CONTENT_RELATIONSHIP_VERIFICATION_DIGITAL_ASSET_LINKS_HANDLER_H_
|