File: passkey_change_quota_tracker.h

package info (click to toggle)
chromium 139.0.7258.127-2
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 6,122,156 kB
  • sloc: cpp: 35,100,771; ansic: 7,163,530; javascript: 4,103,002; python: 1,436,920; asm: 946,517; xml: 746,709; pascal: 187,653; perl: 88,691; sh: 88,436; objc: 79,953; sql: 51,488; cs: 44,583; fortran: 24,137; makefile: 22,147; tcl: 15,277; php: 13,980; yacc: 8,984; ruby: 7,485; awk: 3,720; lisp: 3,096; lex: 1,327; ada: 727; jsp: 228; sed: 36
file content (63 lines) | stat: -rw-r--r-- 2,231 bytes parent folder | download | duplicates (5) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
 
// Copyright 2024 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef COMPONENTS_WEBAUTHN_CORE_BROWSER_PASSKEY_CHANGE_QUOTA_TRACKER_H_
#define COMPONENTS_WEBAUTHN_CORE_BROWSER_PASSKEY_CHANGE_QUOTA_TRACKER_H_

#include "base/containers/flat_map.h"
#include "components/sync/engine/cycle/commit_quota.h"
#include "url/origin.h"

namespace base {

template <typename T>
struct DefaultSingletonTraits;

}  // namespace base

namespace webauthn {

// PasskeyChangeQuotaTracker keeps a client-side quota for changes to
// `PasskeyModel` that may result in network traffic to Google and do not
// require user interaction.
// Quota is keyed by eTLD+1, and is global to a browser instance. Quota tracking
// is not kept after a browser restart.
// localhost and the virtual authenticator are exempt from the quota.
class PasskeyChangeQuotaTracker {
 public:
  static constexpr int kMaxTokensPerRP = 10;
  static constexpr base::TimeDelta kRefillInterval = base::Minutes(2);

  static PasskeyChangeQuotaTracker* GetInstance();

  ~PasskeyChangeQuotaTracker();
  PasskeyChangeQuotaTracker(const PasskeyChangeQuotaTracker&) = delete;
  PasskeyChangeQuotaTracker& operator=(const PasskeyChangeQuotaTracker&) =
      delete;

  // Tracks a new change by |origin|.
  void TrackChange(const url::Origin& origin);

  // Returns `true` if the quota hasn't been exceeded yet, and thus |origin| is
  // allowed to make that change, `false` if the change should be dropped as
  // quota has been exceeded.
  bool CanMakeChange(const url::Origin& origin);

  void ResetForTesting();

 private:
  PasskeyChangeQuotaTracker();
  friend struct base::DefaultSingletonTraits<PasskeyChangeQuotaTracker>;

  // Returns the CommitQuota instance for |origin|, allocating it if necessary.
  syncer::CommitQuota& GetOrAllocateQuota(const url::Origin& origin);

  // A map tracking relying parties as eTLD+1 to their quota. If a relying party
  // is not present, it means it hasn't used any of its quota yet.
  base::flat_map<std::string, syncer::CommitQuota> quota_per_rp_;
};

}  // namespace webauthn

#endif  // COMPONENTS_WEBAUTHN_CORE_BROWSER_PASSKEY_CHANGE_QUOTA_TRACKER_H_