Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(310)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/webauth/authenticator_impl.cc

Issue 2788823002: Add the Mojo implementation of authenticator.mojom's MakeCredential. (Closed)
Patch Set: Export authenticator_impl Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/browser/webauth/authenticator_impl.h ('k') | content/browser/webauth/authenticator_impl_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/webauth/authenticator_impl.cc
diff --git a/content/browser/webauth/authenticator_impl.cc b/content/browser/webauth/authenticator_impl.cc
new file mode 100644
index 0000000000000000000000000000000000000000..95393e8f867bec14130d0d271334dfab1efbfd95
--- /dev/null
+++ b/content/browser/webauth/authenticator_impl.cc
@@ -0,0 +1,111 @@
+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "content/browser/webauth/authenticator_impl.h"
+
+#include <memory>
+
+#include "base/json/json_writer.h"
+#include "base/memory/ptr_util.h"
+#include "content/public/browser/render_frame_host.h"
+#include "content/public/browser/web_contents.h"
+#include "crypto/sha2.h"
+#include "mojo/public/cpp/bindings/strong_binding.h"
+
+namespace content {
+
+namespace {
+
+const char kGetAssertionType[] = "navigator.id.getAssertion";
+
+// JSON key values
+const char kTypeKey[] = "type";
+const char kChallengeKey[] = "challenge";
+const char kOriginKey[] = "origin";
+const char kCidPubkeyKey[] = "cid_pubkey";
+
+} // namespace
+
+// Serializes the |value| to a JSON string and returns the result.
+std::string SerializeValueToJson(const base::Value& value) {
+ std::string json;
+ base::JSONWriter::Write(value, &json);
+ return json;
+}
+
+// static
+void AuthenticatorImpl::Create(
+ RenderFrameHost* render_frame_host,
+ const service_manager::BindSourceInfo& source_info,
+ webauth::mojom::AuthenticatorRequest request) {
+ auto authenticator_impl =
+ base::WrapUnique(new AuthenticatorImpl(render_frame_host));
+ mojo::MakeStrongBinding(std::move(authenticator_impl), std::move(request));
+}
+
+AuthenticatorImpl::~AuthenticatorImpl() {}
+
+AuthenticatorImpl::AuthenticatorImpl(RenderFrameHost* render_frame_host) {
+ DCHECK(render_frame_host);
+ caller_origin_ = render_frame_host->GetLastCommittedOrigin();
+}
+
+// mojom:Authenticator
+void AuthenticatorImpl::MakeCredential(
+ webauth::mojom::RelyingPartyAccountPtr account,
+ std::vector<webauth::mojom::ScopedCredentialParametersPtr> parameters,
+ const std::vector<uint8_t>& challenge,
+ webauth::mojom::ScopedCredentialOptionsPtr options,
+ MakeCredentialCallback callback) {
+ std::string effective_domain;
+ std::string relying_party_id;
+ std::string client_data_json;
+ base::DictionaryValue client_data;
+
+ // Steps 6 & 7 of https://w3c.github.io/webauthn/#createCredential
+ // opaque origin
+ if (caller_origin_.unique()) {
+ std::move(callback).Run(
+ webauth::mojom::AuthenticatorStatus::NOT_ALLOWED_ERROR, NULL);
+ return;
+ }
+
+ if (!options->relying_party_id) {
+ relying_party_id = caller_origin_.Serialize();
+ } else {
+ effective_domain = caller_origin_.host();
+
+ DCHECK(!effective_domain.empty());
+ // TODO(kpaulhamus): Check if relyingPartyId is a registrable domain
+ // suffix of and equal to effectiveDomain and set relyingPartyId
+ // appropriately.
+ relying_party_id = options->relying_party_id.value_or(std::string());
+ }
+
+ // TODO(kpaulhamus): Check ScopedCredentialParameter's type and
+ // algorithmIdentifier after algorithmIdentifier is added to mojom to
+ // make sure it is U2F_V2.
+
+ client_data.SetString(kTypeKey, kGetAssertionType);
+ client_data.SetString(
+ kChallengeKey,
+ base::StringPiece(reinterpret_cast<const char*>(challenge.data()),
+ challenge.size()));
+ client_data.SetString(kOriginKey, relying_party_id);
+ // Channel ID is optional, and missing if the browser doesn't support it.
+ // It is present and set to the constant "unused" if the browser
+ // supports Channel ID but is not using it to talk to the origin.
+ // TODO(kpaulhamus): Fetch and add the Channel ID public key used to
+ // communicate with the origin.
+ client_data.SetString(kCidPubkeyKey, "unused");
+
+ // SHA-256 hash the JSON data structure
+ client_data_json = SerializeValueToJson(client_data);
+ std::string client_data_hash = crypto::SHA256HashString(client_data_json);
+
+ std::move(callback).Run(webauth::mojom::AuthenticatorStatus::NOT_IMPLEMENTED,
+ nullptr);
+}
+
+} // namespace content
« no previous file with comments | « content/browser/webauth/authenticator_impl.h ('k') | content/browser/webauth/authenticator_impl_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698