From 2de5f9de6c47e866da692655222692900212a617 Mon Sep 17 00:00:00 2001
From: deepak1556 <hop2deep@gmail.com>
Date: Thu, 4 Jun 2015 02:27:06 +0530
Subject: [PATCH] browser: support client certificate

---
 atom/browser/atom_browser_client.cc      | 36 ++++++++++++++++++++++++++++++++
 atom/browser/atom_browser_client.h       |  9 ++++++++
 atom/common/options_switches.cc          |  3 +++
 atom/common/options_switches.h           |  1 +
 docs/api/chrome-command-line-switches.md |  4 ++++
 5 files changed, 53 insertions(+)

diff --git a/atom/browser/atom_browser_client.cc b/atom/browser/atom_browser_client.cc
index 88aa5b7..2d5db4d 100644
--- a/atom/browser/atom_browser_client.cc
+++ b/atom/browser/atom_browser_client.cc
@@ -19,11 +19,14 @@
 #include "chrome/browser/renderer_host/pepper/chrome_browser_pepper_host_factory.h"
 #include "chrome/browser/speech/tts_message_filter.h"
 #include "content/public/browser/browser_ppapi_host.h"
+#include "content/public/browser/client_certificate_delegate.h"
 #include "content/public/browser/render_process_host.h"
 #include "content/public/browser/render_view_host.h"
 #include "content/public/browser/site_instance.h"
 #include "content/public/browser/web_contents.h"
 #include "content/public/common/web_preferences.h"
+#include "net/cert/x509_certificate.h"
+#include "net/ssl/ssl_cert_request_info.h"
 #include "ppapi/host/ppapi_host.h"
 #include "ui/base/l10n/l10n_util.h"
 
@@ -67,6 +70,23 @@ ProcessOwner GetProcessOwner(int process_id,
   return OWNER_NONE;
 }
 
+scoped_refptr<net::X509Certificate> ImportCertFromFile(
+    const base::FilePath& path) {
+  std::string cert_data;
+  if (!base::ReadFileToString(path, &cert_data))
+    return nullptr;
+
+  net::CertificateList certs =
+      net::X509Certificate::CreateCertificateListFromBytes(
+          cert_data.data(), cert_data.size(),
+          net::X509Certificate::FORMAT_AUTO);
+
+  if (certs.empty())
+    return nullptr;
+
+  return certs[0];
+}
+
 }  // namespace
 
 // static
@@ -189,6 +209,22 @@ content::QuotaPermissionContext*
   return new AtomQuotaPermissionContext;
 }
 
+void AtomBrowserClient::SelectClientCertificate(
+    content::WebContents* web_contents,
+    net::SSLCertRequestInfo* cert_request_info,
+    scoped_ptr<content::ClientCertificateDelegate> delegate) {
+  auto command_line = base::CommandLine::ForCurrentProcess();
+  auto cert_path = command_line->GetSwitchValueNative(
+      switches::kClientCertificate);
+
+  if (cert_path.empty())
+    return;
+
+  scoped_refptr<net::X509Certificate> certificate =
+      ImportCertFromFile(base::FilePath(cert_path));
+  delegate->ContinueWithCertificate(certificate.get());
+}
+
 brightray::BrowserMainParts* AtomBrowserClient::OverrideCreateBrowserMainParts(
     const content::MainFunctionParams&) {
   v8::V8::Initialize();  // Init V8 before creating main parts.
diff --git a/atom/browser/atom_browser_client.h b/atom/browser/atom_browser_client.h
index 6aebc31..c8a26da 100644
--- a/atom/browser/atom_browser_client.h
+++ b/atom/browser/atom_browser_client.h
@@ -11,6 +11,11 @@
 
 namespace content {
 class QuotaPermissionContext;
+class ClientCertificateDelegate;
+}
+
+namespace net {
+class SSLCertRequestInfo;
 }
 
 namespace atom {
@@ -41,6 +46,10 @@ class AtomBrowserClient : public brightray::BrowserClient {
                                       int child_process_id) override;
   void DidCreatePpapiPlugin(content::BrowserPpapiHost* browser_host) override;
   content::QuotaPermissionContext* CreateQuotaPermissionContext() override;
+  void SelectClientCertificate(
+      content::WebContents* web_contents,
+      net::SSLCertRequestInfo* cert_request_info,
+      scoped_ptr<content::ClientCertificateDelegate> delegate) override;
 
  private:
   brightray::BrowserMainParts* OverrideCreateBrowserMainParts(
diff --git a/atom/common/options_switches.cc b/atom/common/options_switches.cc
index c999799..2764f86 100644
--- a/atom/common/options_switches.cc
+++ b/atom/common/options_switches.cc
@@ -87,6 +87,9 @@ const char kDisableAutoHideCursor[] = "disable-auto-hide-cursor";
 // Use the OS X's standard window instead of the textured window.
 const char kStandardWindow[] = "standard-window";
 
+// Path to client certificate.
+const char kClientCertificate[] = "client-certificate";
+
 // Web runtime features.
 const char kExperimentalFeatures[]       = "experimental-features";
 const char kExperimentalCanvasFeatures[] = "experimental-canvas-features";
diff --git a/atom/common/options_switches.h b/atom/common/options_switches.h
index 071459a..e6d8506 100644
--- a/atom/common/options_switches.h
+++ b/atom/common/options_switches.h
@@ -45,6 +45,7 @@ extern const char kTransparent[];
 extern const char kType[];
 extern const char kDisableAutoHideCursor[];
 extern const char kStandardWindow[];
+extern const char kClientCertificate[];
 
 extern const char kExperimentalFeatures[];
 extern const char kExperimentalCanvasFeatures[];
diff --git a/docs/api/chrome-command-line-switches.md b/docs/api/chrome-command-line-switches.md
index 316211e..37b0e6f 100644
--- a/docs/api/chrome-command-line-switches.md
+++ b/docs/api/chrome-command-line-switches.md
@@ -14,6 +14,10 @@ app.on('ready', function() {
 });
 ```
 
+## --client-certificate
+
+Path to client certificate file.
+
 ## --disable-http-cache
 
 Disables the disk cache for HTTP requests.
-- 
2.7.4