1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/extensions/api/identity/web_auth_flow.h"
7 #include "apps/app_window.h"
8 #include "base/base64.h"
9 #include "base/location.h"
10 #include "base/message_loop/message_loop.h"
11 #include "base/strings/string_util.h"
12 #include "base/strings/utf_string_conversions.h"
13 #include "chrome/browser/extensions/component_loader.h"
14 #include "chrome/browser/extensions/extension_service.h"
15 #include "chrome/browser/profiles/profile.h"
16 #include "chrome/common/extensions/api/identity_private.h"
17 #include "chrome/common/extensions/extension_constants.h"
18 #include "content/public/browser/navigation_details.h"
19 #include "content/public/browser/navigation_entry.h"
20 #include "content/public/browser/notification_details.h"
21 #include "content/public/browser/notification_service.h"
22 #include "content/public/browser/notification_source.h"
23 #include "content/public/browser/notification_types.h"
24 #include "content/public/browser/render_view_host.h"
25 #include "content/public/browser/resource_request_details.h"
26 #include "content/public/browser/web_contents.h"
27 #include "crypto/random.h"
28 #include "extensions/browser/event_router.h"
29 #include "extensions/browser/extension_system.h"
30 #include "grit/browser_resources.h"
33 using apps::AppWindow;
34 using content::RenderViewHost;
35 using content::ResourceRedirectDetails;
36 using content::WebContents;
37 using content::WebContentsObserver;
39 namespace extensions {
41 namespace identity_private = api::identity_private;
43 WebAuthFlow::WebAuthFlow(
46 const GURL& provider_url,
48 : delegate_(delegate),
50 provider_url_(provider_url),
52 embedded_window_created_(false) {
55 WebAuthFlow::~WebAuthFlow() {
56 DCHECK(delegate_ == NULL);
58 // Stop listening to notifications first since some of the code
59 // below may generate notifications.
60 registrar_.RemoveAll();
61 WebContentsObserver::Observe(NULL);
63 if (!app_window_key_.empty()) {
64 apps::AppWindowRegistry::Get(profile_)->RemoveObserver(this);
66 if (app_window_ && app_window_->web_contents())
67 app_window_->web_contents()->Close();
71 void WebAuthFlow::Start() {
72 apps::AppWindowRegistry::Get(profile_)->AddObserver(this);
74 // Attach a random ID string to the window so we can recoginize it
75 // in OnAppWindowAdded.
76 std::string random_bytes;
77 crypto::RandBytes(WriteInto(&random_bytes, 33), 32);
78 base::Base64Encode(random_bytes, &app_window_key_);
80 // identityPrivate.onWebFlowRequest(shell_window_key, provider_url_, mode_)
81 scoped_ptr<base::ListValue> args(new base::ListValue());
82 args->AppendString(app_window_key_);
83 args->AppendString(provider_url_.spec());
84 if (mode_ == WebAuthFlow::INTERACTIVE)
85 args->AppendString("interactive");
87 args->AppendString("silent");
89 scoped_ptr<Event> event(
90 new Event(identity_private::OnWebFlowRequest::kEventName, args.Pass()));
91 event->restrict_to_browser_context = profile_;
92 ExtensionSystem* system = ExtensionSystem::Get(profile_);
94 extensions::ComponentLoader* component_loader =
95 system->extension_service()->component_loader();
96 if (!component_loader->Exists(extension_misc::kIdentityApiUiAppId)) {
97 component_loader->Add(
98 IDR_IDENTITY_API_SCOPE_APPROVAL_MANIFEST,
99 base::FilePath(FILE_PATH_LITERAL("identity_scope_approval_dialog")));
102 system->event_router()->DispatchEventWithLazyListener(
103 extension_misc::kIdentityApiUiAppId, event.Pass());
106 void WebAuthFlow::DetachDelegateAndDelete() {
108 base::MessageLoop::current()->DeleteSoon(FROM_HERE, this);
111 void WebAuthFlow::OnAppWindowAdded(AppWindow* app_window) {
112 if (app_window->window_key() == app_window_key_ &&
113 app_window->extension()->id() == extension_misc::kIdentityApiUiAppId) {
114 app_window_ = app_window;
115 WebContentsObserver::Observe(app_window->web_contents());
119 content::NOTIFICATION_WEB_CONTENTS_RENDER_VIEW_HOST_CREATED,
120 content::NotificationService::AllBrowserContextsAndSources());
124 void WebAuthFlow::OnAppWindowIconChanged(AppWindow* app_window) {}
126 void WebAuthFlow::OnAppWindowRemoved(AppWindow* app_window) {
127 if (app_window->window_key() == app_window_key_ &&
128 app_window->extension()->id() == extension_misc::kIdentityApiUiAppId) {
130 registrar_.RemoveAll();
133 delegate_->OnAuthFlowFailure(WebAuthFlow::WINDOW_CLOSED);
137 void WebAuthFlow::BeforeUrlLoaded(const GURL& url) {
138 if (delegate_ && embedded_window_created_)
139 delegate_->OnAuthFlowURLChange(url);
142 void WebAuthFlow::AfterUrlLoaded() {
143 if (delegate_ && embedded_window_created_ && mode_ == WebAuthFlow::SILENT)
144 delegate_->OnAuthFlowFailure(WebAuthFlow::INTERACTION_REQUIRED);
147 void WebAuthFlow::Observe(int type,
148 const content::NotificationSource& source,
149 const content::NotificationDetails& details) {
155 if (!embedded_window_created_) {
156 DCHECK(type == content::NOTIFICATION_WEB_CONTENTS_RENDER_VIEW_HOST_CREATED);
158 RenderViewHost* render_view(
159 content::Details<RenderViewHost>(details).ptr());
160 WebContents* web_contents = WebContents::FromRenderViewHost(render_view);
163 (web_contents->GetEmbedderWebContents() ==
164 WebContentsObserver::web_contents())) {
165 // Switch from watching the app window to the guest inside it.
166 embedded_window_created_ = true;
167 WebContentsObserver::Observe(web_contents);
169 registrar_.RemoveAll();
171 content::NOTIFICATION_RESOURCE_RECEIVED_REDIRECT,
172 content::Source<WebContents>(web_contents));
174 content::NOTIFICATION_WEB_CONTENTS_TITLE_UPDATED,
175 content::Source<WebContents>(web_contents));
178 // embedded_window_created_
180 case content::NOTIFICATION_RESOURCE_RECEIVED_REDIRECT: {
181 ResourceRedirectDetails* redirect_details =
182 content::Details<ResourceRedirectDetails>(details).ptr();
183 if (redirect_details != NULL)
184 BeforeUrlLoaded(redirect_details->new_url);
187 case content::NOTIFICATION_WEB_CONTENTS_TITLE_UPDATED: {
188 std::pair<content::NavigationEntry*, bool>* title =
189 content::Details<std::pair<content::NavigationEntry*, bool> >(
193 delegate_->OnAuthFlowTitleChange(
194 base::UTF16ToUTF8(title->first->GetTitle()));
200 << "Got a notification that we did not register for: " << type;
206 void WebAuthFlow::RenderProcessGone(base::TerminationStatus status) {
208 delegate_->OnAuthFlowFailure(WebAuthFlow::WINDOW_CLOSED);
211 void WebAuthFlow::DidStartProvisionalLoadForFrame(
213 int64 parent_frame_id,
215 const GURL& validated_url,
217 bool is_iframe_srcdoc,
218 RenderViewHost* render_view_host) {
220 BeforeUrlLoaded(validated_url);
223 void WebAuthFlow::DidFailProvisionalLoad(
225 const base::string16& frame_unique_name,
227 const GURL& validated_url,
229 const base::string16& error_description,
230 RenderViewHost* render_view_host) {
232 delegate_->OnAuthFlowFailure(LOAD_FAILED);
235 void WebAuthFlow::DidStopLoading(RenderViewHost* render_view_host) {
239 void WebAuthFlow::DidNavigateMainFrame(
240 const content::LoadCommittedDetails& details,
241 const content::FrameNavigateParams& params) {
242 if (delegate_ && details.http_status_code >= 400)
243 delegate_->OnAuthFlowFailure(LOAD_FAILED);
246 } // namespace extensions