// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "content/browser/ssl/ssl_client_auth_handler.h"
#include "base/bind.h"
#include "base/logging.h"
#include "content/browser/loader/resource_request_info_impl.h"
#include "content/public/browser/browser_thread.h"
#include "content/public/browser/content_browser_client.h"
#include "net/cert/x509_certificate.h"
#include "net/ssl/client_cert_store.h"
#include "net/url_request/url_request.h"
namespace content {
namespace {
typedef base::Callback<void(net::X509Certificate*)> CertificateCallback;
void CertificateSelectedOnUIThread(
const CertificateCallback& io_thread_callback,
net::X509Certificate* cert) {
DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
BrowserThread::PostTask(
BrowserThread::IO, FROM_HERE,
base::Bind(io_thread_callback, make_scoped_refptr(cert)));
}
void SelectCertificateOnUIThread(
int render_process_host_id,
int render_frame_host_id,
net::SSLCertRequestInfo* cert_request_info,
const CertificateCallback& io_thread_callback) {
DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
GetContentClient()->browser()->SelectClientCertificate(
render_process_host_id, render_frame_host_id, cert_request_info,
base::Bind(&CertificateSelectedOnUIThread, io_thread_callback));
}
} // namespace
SSLClientAuthHandler::SSLClientAuthHandler(
scoped_ptr<net::ClientCertStore> client_cert_store,
net::URLRequest* request,
net::SSLCertRequestInfo* cert_request_info,
const SSLClientAuthHandler::CertificateCallback& callback)
: request_(request),
cert_request_info_(cert_request_info),
client_cert_store_(client_cert_store.Pass()),
callback_(callback),
weak_factory_(this) {
DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
}
SSLClientAuthHandler::~SSLClientAuthHandler() {
}
void SSLClientAuthHandler::SelectCertificate() {
DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
if (client_cert_store_) {
client_cert_store_->GetClientCerts(
*cert_request_info_,
&cert_request_info_->client_certs,
base::Bind(&SSLClientAuthHandler::DidGetClientCerts,
weak_factory_.GetWeakPtr()));
} else {
DidGetClientCerts();
}
}
void SSLClientAuthHandler::DidGetClientCerts() {
DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
// Note that if |client_cert_store_| is NULL, we intentionally fall through to
// DoCertificateSelected. This is for platforms where the client cert matching
// is not performed by Chrome. Those platforms handle the cert matching before
// showing the dialog.
if (client_cert_store_ && cert_request_info_->client_certs.empty()) {
// No need to query the user if there are no certs to choose from.
CertificateSelected(NULL);
return;
}
int render_process_host_id;
int render_frame_host_id;
if (!ResourceRequestInfo::ForRequest(request_)->GetAssociatedRenderFrame(
&render_process_host_id,
&render_frame_host_id)) {
NOTREACHED();
CertificateSelected(NULL);
return;
}
BrowserThread::PostTask(
BrowserThread::UI, FROM_HERE,
base::Bind(&SelectCertificateOnUIThread,
render_process_host_id, render_frame_host_id,
cert_request_info_,
base::Bind(&SSLClientAuthHandler::CertificateSelected,
weak_factory_.GetWeakPtr())));
}
void SSLClientAuthHandler::CertificateSelected(net::X509Certificate* cert) {
VLOG(1) << this << " DoCertificateSelected " << cert;
DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
callback_.Run(cert);
// |this| may be deleted at this point.
}
} // namespace content