File: fedcm_accounts_fetcher.h

package info (click to toggle)
chromium 139.0.7258.127-2
  • links: PTS, VCS
  • area: main
  • in suites: forky
  • size: 6,122,156 kB
  • sloc: cpp: 35,100,771; ansic: 7,163,530; javascript: 4,103,002; python: 1,436,920; asm: 946,517; xml: 746,709; pascal: 187,653; perl: 88,691; sh: 88,436; objc: 79,953; sql: 51,488; cs: 44,583; fortran: 24,137; makefile: 22,147; tcl: 15,277; php: 13,980; yacc: 8,984; ruby: 7,485; awk: 3,720; lisp: 3,096; lex: 1,327; ada: 727; jsp: 228; sed: 36
file content (172 lines) | stat: -rw-r--r-- 6,853 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
 
// Copyright 2025 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CONTENT_BROWSER_FEDCM_ACCOUNTS_FETCHER_H_
#define CONTENT_BROWSER_FEDCM_ACCOUNTS_FETCHER_H_

#include <set>

#include "base/containers/flat_map.h"
#include "base/memory/raw_ptr.h"
#include "base/memory/weak_ptr.h"
#include "content/browser/webid/fedcm_config_fetcher.h"
#include "content/browser/webid/idp_network_request_manager.h"
#include "url/gurl.h"

namespace content {

class FederatedIdentityPermissionContextDelegate;
class FederatedIdentityApiPermissionContextDelegate;
class FederatedAuthRequestImpl;
class RenderFrameHost;

// A class that fetches accounts from a set of IDPs. Currently only handles
// config and well-known fetches.
// TODO(crbug.com/417197032): handle accounts fetches in this class.
class FedCmAccountsFetcher {
 public:
  struct IdentityProviderGetInfo {
    IdentityProviderGetInfo(blink::mojom::IdentityProviderRequestOptionsPtr,
                            blink::mojom::RpContext rp_context,
                            blink::mojom::RpMode rp_mode,
                            std::optional<blink::mojom::Format> format);
    ~IdentityProviderGetInfo();
    IdentityProviderGetInfo(const IdentityProviderGetInfo&);
    IdentityProviderGetInfo& operator=(const IdentityProviderGetInfo& other);

    blink::mojom::IdentityProviderRequestOptionsPtr provider;
    blink::mojom::RpContext rp_context{blink::mojom::RpContext::kSignIn};
    blink::mojom::RpMode rp_mode{blink::mojom::RpMode::kPassive};
    std::optional<blink::mojom::Format> format;
  };

  struct FedCmFetchingParams {
    FedCmFetchingParams(blink::mojom::RpMode rp_mode,
                        int icon_ideal_size,
                        int icon_minimum_size,
                        MediationRequirement mediation_requirement);
    ~FedCmFetchingParams();

    blink::mojom::RpMode rp_mode;
    int icon_ideal_size;
    int icon_minimum_size;
    MediationRequirement mediation_requirement;
  };

  FedCmAccountsFetcher(
      RenderFrameHost& render_frame_host,
      IdpNetworkRequestManager* network_manager,
      FederatedIdentityApiPermissionContextDelegate* api_permission_delegate,
      FederatedIdentityPermissionContextDelegate* permission_delegate,
      FedCmFetchingParams fetching_params,
      FederatedAuthRequestImpl* federated_auth_request_impl);
  ~FedCmAccountsFetcher();

  // Fetch well-known, config, accounts and client metadata endpoints for
  // passed-in IdPs. Uses parameters from `token_request_get_infos_`.
  void FetchEndpointsForIdps(const std::set<GURL>& idp_config_urls);

  // Notifies metrics endpoint that either the user did not select the IDP in
  // the prompt or that there was an error in fetching data for the IDP.
  void SendAllFailedTokenRequestMetrics(
      blink::mojom::FederatedAuthRequestResult result,
      bool did_show_ui);
  void SendSuccessfulTokenRequestMetrics(
      const GURL& idp_config_url,
      base::TimeDelta api_call_to_show_dialog_time,
      base::TimeDelta show_dialog_to_continue_clicked_time,
      base::TimeDelta account_selected_to_token_response_time,
      base::TimeDelta api_call_to_token_response_time,
      bool did_show_ui);

 private:
  void OnAllConfigAndWellKnownFetched(
      std::vector<FedCmConfigFetcher::FetchResult> fetch_results);

  void OnAccountsResponseReceived(
      std::unique_ptr<IdentityProviderInfo> idp_info,
      IdpNetworkRequestManager::FetchStatus status,
      std::vector<IdentityRequestAccountPtr> accounts);

  void OnAccountsFetchSucceeded(
      std::unique_ptr<IdentityProviderInfo> idp_info,
      IdpNetworkRequestManager::FetchStatus status,
      std::vector<IdentityRequestAccountPtr> accounts);

  void OnClientMetadataResponseReceived(
      std::unique_ptr<IdentityProviderInfo> idp_info,
      std::vector<IdentityRequestAccountPtr>&& accounts,
      IdpNetworkRequestManager::FetchStatus status,
      IdpNetworkRequestManager::ClientMetadata client_metadata);

  void OnFetchDataForIdpSucceeded(
      const IdpNetworkRequestManager::ClientMetadata& client_metadata,
      std::vector<IdentityRequestAccountPtr> accounts,
      std::unique_ptr<IdentityProviderInfo> idp_info,
      const gfx::Image& rp_brand_icon);

  // Returns whether the algorithm should terminate after applying the account
  // label filter.
  bool FilterAccountsWithLabel(
      const std::string& label,
      std::vector<IdentityRequestAccountPtr>& accounts);
  // Returns whether the algorithm should terminate after applying the login
  // hint filter.
  bool FilterAccountsWithLoginHint(
      const std::string& login_hint,
      std::vector<IdentityRequestAccountPtr>& accounts);
  // Returns whether the algorithm should terminate after applying the domain
  // hint filter.
  bool FilterAccountsWithDomainHint(
      const std::string& domain_hint,
      std::vector<IdentityRequestAccountPtr>& accounts);

  // Computes the login state of accounts. It uses the IDP-provided signal, if
  // it had been populated. Otherwise, it uses the browser knowledge on which
  // accounts are returning and which are not.
  void ComputeLoginStates(const GURL& idp_config_url,
                          std::vector<IdentityRequestAccountPtr>& accounts);

  void ComputeAccountFields(
      const std::vector<IdentityRequestDialogDisclosureField>& rp_fields,
      std::vector<IdentityRequestAccountPtr>& accounts);

  // Updates the IdpSigninStatus in case of accounts fetch failure and shows a
  // failure UI if applicable.
  void HandleAccountsFetchFailure(
      std::unique_ptr<IdentityProviderInfo> idp_info,
      std::optional<bool> old_idp_signin_status,
      blink::mojom::FederatedAuthRequestResult result,
      std::optional<content::FedCmRequestIdTokenStatus> token_status,
      const IdpNetworkRequestManager::FetchStatus& status);

  void OnIdpMismatch(std::unique_ptr<IdentityProviderInfo> idp_info);

  void SendFailedTokenRequestMetrics(
      const GURL& metrics_endpoint,
      blink::mojom::FederatedAuthRequestResult result,
      bool did_show_ui);

  std::unique_ptr<FedCmConfigFetcher> config_fetcher_;

  // Populated in OnAllConfigAndWellKnownFetched().
  base::flat_map<GURL, GURL> metrics_endpoints_;

  // Owned by FederatedAuthRequestImpl.
  raw_ref<RenderFrameHost> render_frame_host_;
  raw_ptr<IdpNetworkRequestManager> network_manager_;
  raw_ptr<FederatedIdentityApiPermissionContextDelegate>
      api_permission_delegate_;
  raw_ptr<FederatedIdentityPermissionContextDelegate> permission_delegate_;

  FedCmFetchingParams params_;

  raw_ptr<FederatedAuthRequestImpl> federated_auth_request_impl_;

  base::WeakPtrFactory<FedCmAccountsFetcher> weak_ptr_factory_{this};
};

}  // namespace content

#endif  // CONTENT_BROWSER_FEDCM_ACCOUNTS_FETCHER_H_