third_party/WebKit/Source/modules/webauth/WebAuthentication.cpp - chromium/src - Git at Google

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "modules/webauth/WebAuthentication.h"

 #include <stdint.h>

 #include "bindings/core/v8/ScriptPromise.h"
 #include "bindings/core/v8/ScriptPromiseResolver.h"
 #include "core/dom/DOMException.h"
 #include "core/dom/Document.h"
 #include "core/dom/ExceptionCode.h"
 #include "core/frame/LocalFrame.h"
 #include "modules/webauth/RelyingPartyAccount.h"
 #include "modules/webauth/ScopedCredential.h"
 #include "modules/webauth/ScopedCredentialOptions.h"
 #include "modules/webauth/ScopedCredentialParameters.h"
 #include "public/platform/InterfaceProvider.h"

 namespace {
 const char kNoAuthenticatorError[] = "Authenticator unavailable.";
 }  // anonymous namespace

 namespace mojo {

 using webauth::mojom::blink::RelyingPartyAccount;
 using webauth::mojom::blink::RelyingPartyAccountPtr;
 using webauth::mojom::blink::ScopedCredentialOptions;
 using webauth::mojom::blink::ScopedCredentialOptionsPtr;
 using webauth::mojom::blink::ScopedCredentialParameters;
 using webauth::mojom::blink::ScopedCredentialParametersPtr;
 using webauth::mojom::blink::ScopedCredentialDescriptor;
 using webauth::mojom::blink::ScopedCredentialType;
 using webauth::mojom::blink::Transport;

 // TODO(kpaulhamus): Make this a TypeConverter
 Vector<uint8_t> ConvertBufferSource(const blink::BufferSource& buffer) {
   DCHECK(buffer.isNull());
   Vector<uint8_t> vector;
   if (buffer.isArrayBuffer()) {
     vector.Append(static_cast<uint8_t*>(buffer.getAsArrayBuffer()->Data()),
                   buffer.getAsArrayBuffer()->ByteLength());
   } else {
     vector.Append(static_cast<uint8_t*>(
                       buffer.getAsArrayBufferView().View()->BaseAddress()),
                   buffer.getAsArrayBufferView().View()->byteLength());
   }
   return vector;
 }

 // TODO(kpaulhamus): Make this a TypeConverter
 ScopedCredentialType ConvertScopedCredentialType(const String& cred_type) {
   if (cred_type == "ScopedCred")
     return ScopedCredentialType::SCOPEDCRED;
   NOTREACHED();
   return ScopedCredentialType::SCOPEDCRED;
 }

 // TODO(kpaulhamus): Make this a TypeConverter
 Transport ConvertTransport(const String& transport) {
   if (transport == "usb")
     return Transport::USB;
   if (transport == "nfc")
     return Transport::NFC;
   if (transport == "ble")
     return Transport::BLE;
   NOTREACHED();
   return Transport::USB;
 }

 RelyingPartyAccountPtr ConvertRelyingPartyAccount(
     const blink::RelyingPartyAccount& account_information,
     blink::ScriptPromiseResolver* resolver) {
   auto mojo_account = RelyingPartyAccount::New();

   mojo_account->relying_party_display_name =
       account_information.rpDisplayName();
   mojo_account->display_name = account_information.displayName();
   mojo_account->id = account_information.id();
   mojo_account->name = account_information.name();
   mojo_account->image_url = account_information.imageURL();
   return mojo_account;
 }

 // TODO(kpaulhamus): Make this a TypeConverter
 ScopedCredentialOptionsPtr ConvertScopedCredentialOptions(
     const blink::ScopedCredentialOptions options,
     blink::ScriptPromiseResolver* resolver) {
   auto mojo_options = ScopedCredentialOptions::New();
   mojo_options->timeout_seconds = options.timeoutSeconds();
   mojo_options->relying_party_id = options.rpId();

   // Adds the excludeList members (which are ScopedCredentialDescriptors)
   for (const auto& descriptor : options.excludeList()) {
     auto mojo_descriptor = ScopedCredentialDescriptor::New();
     mojo_descriptor->type = ConvertScopedCredentialType(descriptor.type());
     mojo_descriptor->id = ConvertBufferSource(descriptor.id());
     for (const auto& transport : descriptor.transports())
       mojo_descriptor->transports.push_back(ConvertTransport(transport));
     mojo_options->exclude_list.push_back(std::move(mojo_descriptor));
   }
   // TODO(kpaulhamus): add AuthenticationExtensions;
   return mojo_options;
 }

 // TODO(kpaulhamus): Make this a TypeConverter
 ScopedCredentialParametersPtr ConvertScopedCredentialParameter(
     const blink::ScopedCredentialParameters parameter,
     blink::ScriptPromiseResolver* resolver) {
   auto mojo_parameter = ScopedCredentialParameters::New();
   mojo_parameter->type = ConvertScopedCredentialType(parameter.type());
   // TODO(kpaulhamus): add AlgorithmIdentifier
   return mojo_parameter;
 }
 }  // namespace mojo

 namespace blink {

 WebAuthentication::WebAuthentication(LocalFrame& frame)
     : ContextLifecycleObserver(frame.GetDocument()) {
   frame.GetInterfaceProvider()->GetInterface(
       mojo::MakeRequest(&authenticator_));
   authenticator_.set_connection_error_handler(ConvertToBaseCallback(
       WTF::Bind(&WebAuthentication::OnAuthenticatorConnectionError,
                 WrapWeakPersistent(this))));
 }

 WebAuthentication::~WebAuthentication() {
   // |authenticator_| may still be valid but there should be no more
   // outstanding requests because each holds a persistent handle to this object.
   DCHECK(authenticator_requests_.IsEmpty());
 }

 void WebAuthentication::Dispose() {}

 ScriptPromise WebAuthentication::makeCredential(
     ScriptState* script_state,
     const RelyingPartyAccount& account_information,
     const HeapVector<ScopedCredentialParameters> crypto_parameters,
     const BufferSource& attestation_challenge,
     ScopedCredentialOptions& options) {
   if (!authenticator_) {
     return ScriptPromise::RejectWithDOMException(
         script_state, DOMException::Create(kNotSupportedError));
   }

   ScriptPromiseResolver* resolver = ScriptPromiseResolver::Create(script_state);
   ScriptPromise promise = resolver->Promise();

   // TODO(kpaulhamus) validate parameters according to spec
   auto account =
       mojo::ConvertRelyingPartyAccount(account_information, resolver);
   Vector<uint8_t> buffer = mojo::ConvertBufferSource(attestation_challenge);
   auto opts = mojo::ConvertScopedCredentialOptions(options, resolver);
   Vector<webauth::mojom::blink::ScopedCredentialParametersPtr> parameters;
   for (const auto& parameter : crypto_parameters) {
     parameters.push_back(
         mojo::ConvertScopedCredentialParameter(parameter, resolver));
   }

   authenticator_requests_.insert(resolver);
   authenticator_->MakeCredential(
       std::move(account), std::move(parameters), buffer, std::move(opts),
       ConvertToBaseCallback(Bind(&WebAuthentication::OnMakeCredential,
                                  WrapPersistent(this),
                                  WrapPersistent(resolver))));
   return promise;
 }

 ScriptPromise WebAuthentication::getAssertion(
     ScriptState* script_state,
     const BufferSource& assertion_challenge,
     const AuthenticationAssertionOptions& options) {
   NOTREACHED();
   return ScriptPromise();
 }

 void WebAuthentication::ContextDestroyed(ExecutionContext*) {
   authenticator_.reset();
   authenticator_requests_.clear();
 }

 void WebAuthentication::OnAuthenticatorConnectionError() {
   authenticator_.reset();
   for (ScriptPromiseResolver* resolver : authenticator_requests_) {
     resolver->Reject(
         DOMException::Create(kNotFoundError, kNoAuthenticatorError));
   }
   authenticator_requests_.clear();
 }

 void WebAuthentication::OnMakeCredential(
     ScriptPromiseResolver* resolver,
     Vector<webauth::mojom::blink::ScopedCredentialInfoPtr> credentials) {
   if (!MarkRequestComplete(resolver))
     return;

   HeapVector<Member<ScopedCredentialInfo>> scoped_credentials;
   for (auto& credential : credentials) {
     if (credential->client_data.IsEmpty() ||
         credential->attestation.IsEmpty()) {
       resolver->Reject(
           DOMException::Create(kNotFoundError, "No credentials returned."));
     }
     DOMArrayBuffer* client_data_buffer = DOMArrayBuffer::Create(
         static_cast<void*>(&credential->client_data.front()),
         credential->client_data.size());

     DOMArrayBuffer* attestation_buffer = DOMArrayBuffer::Create(
         static_cast<void*>(&credential->attestation.front()),
         credential->attestation.size());

     scoped_credentials.push_back(
         ScopedCredentialInfo::Create(client_data_buffer, attestation_buffer));
   }
   resolver->Resolve();
 }

 bool WebAuthentication::MarkRequestComplete(ScriptPromiseResolver* resolver) {
   auto request_entry = authenticator_requests_.find(resolver);
   if (request_entry == authenticator_requests_.end())
     return false;
   authenticator_requests_.erase(request_entry);
   return true;
 }

 DEFINE_TRACE(WebAuthentication) {
   visitor->Trace(authenticator_requests_);
   ContextLifecycleObserver::Trace(visitor);
 }

 }  // namespace blink
	// Copyright 2016 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "modules/webauth/WebAuthentication.h"

	#include <stdint.h>

	#include "bindings/core/v8/ScriptPromise.h"
	#include "bindings/core/v8/ScriptPromiseResolver.h"
	#include "core/dom/DOMException.h"
	#include "core/dom/Document.h"
	#include "core/dom/ExceptionCode.h"
	#include "core/frame/LocalFrame.h"
	#include "modules/webauth/RelyingPartyAccount.h"
	#include "modules/webauth/ScopedCredential.h"
	#include "modules/webauth/ScopedCredentialOptions.h"
	#include "modules/webauth/ScopedCredentialParameters.h"
	#include "public/platform/InterfaceProvider.h"

	namespace {
	const char kNoAuthenticatorError[] = "Authenticator unavailable.";
	} // anonymous namespace

	namespace mojo {

	using webauth::mojom::blink::RelyingPartyAccount;
	using webauth::mojom::blink::RelyingPartyAccountPtr;
	using webauth::mojom::blink::ScopedCredentialOptions;
	using webauth::mojom::blink::ScopedCredentialOptionsPtr;
	using webauth::mojom::blink::ScopedCredentialParameters;
	using webauth::mojom::blink::ScopedCredentialParametersPtr;
	using webauth::mojom::blink::ScopedCredentialDescriptor;
	using webauth::mojom::blink::ScopedCredentialType;
	using webauth::mojom::blink::Transport;

	// TODO(kpaulhamus): Make this a TypeConverter
	Vector<uint8_t> ConvertBufferSource(const blink::BufferSource& buffer) {
	DCHECK(buffer.isNull());
	Vector<uint8_t> vector;
	if (buffer.isArrayBuffer()) {
	vector.Append(static_cast<uint8_t*>(buffer.getAsArrayBuffer()->Data()),
	buffer.getAsArrayBuffer()->ByteLength());
	} else {
	vector.Append(static_cast<uint8_t*>(
	buffer.getAsArrayBufferView().View()->BaseAddress()),
	buffer.getAsArrayBufferView().View()->byteLength());
	}
	return vector;
	}

	// TODO(kpaulhamus): Make this a TypeConverter
	ScopedCredentialType ConvertScopedCredentialType(const String& cred_type) {
	if (cred_type == "ScopedCred")
	return ScopedCredentialType::SCOPEDCRED;
	NOTREACHED();
	return ScopedCredentialType::SCOPEDCRED;
	}

	// TODO(kpaulhamus): Make this a TypeConverter
	Transport ConvertTransport(const String& transport) {
	if (transport == "usb")
	return Transport::USB;
	if (transport == "nfc")
	return Transport::NFC;
	if (transport == "ble")
	return Transport::BLE;
	NOTREACHED();
	return Transport::USB;
	}

	RelyingPartyAccountPtr ConvertRelyingPartyAccount(
	const blink::RelyingPartyAccount& account_information,
	blink::ScriptPromiseResolver* resolver) {
	auto mojo_account = RelyingPartyAccount::New();

	mojo_account->relying_party_display_name =
	account_information.rpDisplayName();
	mojo_account->display_name = account_information.displayName();
	mojo_account->id = account_information.id();
	mojo_account->name = account_information.name();
	mojo_account->image_url = account_information.imageURL();
	return mojo_account;
	}

	// TODO(kpaulhamus): Make this a TypeConverter
	ScopedCredentialOptionsPtr ConvertScopedCredentialOptions(
	const blink::ScopedCredentialOptions options,
	blink::ScriptPromiseResolver* resolver) {
	auto mojo_options = ScopedCredentialOptions::New();
	mojo_options->timeout_seconds = options.timeoutSeconds();
	mojo_options->relying_party_id = options.rpId();

	// Adds the excludeList members (which are ScopedCredentialDescriptors)
	for (const auto& descriptor : options.excludeList()) {
	auto mojo_descriptor = ScopedCredentialDescriptor::New();
	mojo_descriptor->type = ConvertScopedCredentialType(descriptor.type());
	mojo_descriptor->id = ConvertBufferSource(descriptor.id());
	for (const auto& transport : descriptor.transports())
	mojo_descriptor->transports.push_back(ConvertTransport(transport));
	mojo_options->exclude_list.push_back(std::move(mojo_descriptor));
	}
	// TODO(kpaulhamus): add AuthenticationExtensions;
	return mojo_options;
	}

	// TODO(kpaulhamus): Make this a TypeConverter
	ScopedCredentialParametersPtr ConvertScopedCredentialParameter(
	const blink::ScopedCredentialParameters parameter,
	blink::ScriptPromiseResolver* resolver) {
	auto mojo_parameter = ScopedCredentialParameters::New();
	mojo_parameter->type = ConvertScopedCredentialType(parameter.type());
	// TODO(kpaulhamus): add AlgorithmIdentifier
	return mojo_parameter;
	}
	} // namespace mojo

	namespace blink {

	WebAuthentication::WebAuthentication(LocalFrame& frame)
	: ContextLifecycleObserver(frame.GetDocument()) {
	frame.GetInterfaceProvider()->GetInterface(
	mojo::MakeRequest(&authenticator_));
	authenticator_.set_connection_error_handler(ConvertToBaseCallback(
	WTF::Bind(&WebAuthentication::OnAuthenticatorConnectionError,
	WrapWeakPersistent(this))));
	}

	WebAuthentication::~WebAuthentication() {
	// \|authenticator_\| may still be valid but there should be no more
	// outstanding requests because each holds a persistent handle to this object.
	DCHECK(authenticator_requests_.IsEmpty());
	}

	void WebAuthentication::Dispose() {}

	ScriptPromise WebAuthentication::makeCredential(
	ScriptState* script_state,
	const RelyingPartyAccount& account_information,
	const HeapVector<ScopedCredentialParameters> crypto_parameters,
	const BufferSource& attestation_challenge,
	ScopedCredentialOptions& options) {
	if (!authenticator_) {
	return ScriptPromise::RejectWithDOMException(
	script_state, DOMException::Create(kNotSupportedError));
	}

	ScriptPromiseResolver* resolver = ScriptPromiseResolver::Create(script_state);
	ScriptPromise promise = resolver->Promise();

	// TODO(kpaulhamus) validate parameters according to spec
	auto account =
	mojo::ConvertRelyingPartyAccount(account_information, resolver);
	Vector<uint8_t> buffer = mojo::ConvertBufferSource(attestation_challenge);
	auto opts = mojo::ConvertScopedCredentialOptions(options, resolver);
	Vector<webauth::mojom::blink::ScopedCredentialParametersPtr> parameters;
	for (const auto& parameter : crypto_parameters) {
	parameters.push_back(
	mojo::ConvertScopedCredentialParameter(parameter, resolver));
	}

	authenticator_requests_.insert(resolver);
	authenticator_->MakeCredential(
	std::move(account), std::move(parameters), buffer, std::move(opts),
	ConvertToBaseCallback(Bind(&WebAuthentication::OnMakeCredential,
	WrapPersistent(this),
	WrapPersistent(resolver))));
	return promise;
	}

	ScriptPromise WebAuthentication::getAssertion(
	ScriptState* script_state,
	const BufferSource& assertion_challenge,
	const AuthenticationAssertionOptions& options) {
	NOTREACHED();
	return ScriptPromise();
	}

	void WebAuthentication::ContextDestroyed(ExecutionContext*) {
	authenticator_.reset();
	authenticator_requests_.clear();
	}

	void WebAuthentication::OnAuthenticatorConnectionError() {
	authenticator_.reset();
	for (ScriptPromiseResolver* resolver : authenticator_requests_) {
	resolver->Reject(
	DOMException::Create(kNotFoundError, kNoAuthenticatorError));
	}
	authenticator_requests_.clear();
	}

	void WebAuthentication::OnMakeCredential(
	ScriptPromiseResolver* resolver,
	Vector<webauth::mojom::blink::ScopedCredentialInfoPtr> credentials) {
	if (!MarkRequestComplete(resolver))
	return;

	HeapVector<Member<ScopedCredentialInfo>> scoped_credentials;
	for (auto& credential : credentials) {
	if (credential->client_data.IsEmpty() \|\|
	credential->attestation.IsEmpty()) {
	resolver->Reject(
	DOMException::Create(kNotFoundError, "No credentials returned."));
	}
	DOMArrayBuffer* client_data_buffer = DOMArrayBuffer::Create(
	static_cast<void*>(&credential->client_data.front()),
	credential->client_data.size());

	DOMArrayBuffer* attestation_buffer = DOMArrayBuffer::Create(
	static_cast<void*>(&credential->attestation.front()),
	credential->attestation.size());

	scoped_credentials.push_back(
	ScopedCredentialInfo::Create(client_data_buffer, attestation_buffer));
	}
	resolver->Resolve();
	}

	bool WebAuthentication::MarkRequestComplete(ScriptPromiseResolver* resolver) {
	auto request_entry = authenticator_requests_.find(resolver);
	if (request_entry == authenticator_requests_.end())
	return false;
	authenticator_requests_.erase(request_entry);
	return true;
	}

	DEFINE_TRACE(WebAuthentication) {
	visitor->Trace(authenticator_requests_);
	ContextLifecycleObserver::Trace(visitor);
	}

	} // namespace blink