1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #import "chrome/browser/ui/cocoa/ssl_client_certificate_selector_cocoa.h"
7 #import <SecurityInterface/SFChooseIdentityPanel.h>
9 #include "base/logging.h"
10 #include "base/mac/foundation_util.h"
11 #include "base/strings/string_util.h"
12 #include "base/strings/sys_string_conversions.h"
13 #include "base/strings/utf_string_conversions.h"
14 #include "chrome/browser/ssl/ssl_client_auth_observer.h"
15 #import "chrome/browser/ui/cocoa/constrained_window/constrained_window_mac.h"
16 #include "chrome/grit/generated_resources.h"
17 #include "content/public/browser/browser_thread.h"
18 #include "content/public/browser/web_contents.h"
19 #include "net/cert/x509_certificate.h"
20 #include "net/cert/x509_util_mac.h"
21 #include "net/ssl/ssl_cert_request_info.h"
22 #include "ui/base/cocoa/window_size_constants.h"
23 #include "ui/base/l10n/l10n_util_mac.h"
25 using content::BrowserThread;
27 @interface SFChooseIdentityPanel (SystemPrivate)
28 // A system-private interface that dismisses a panel whose sheet was started by
29 // -beginSheetForWindow:modalDelegate:didEndSelector:contextInfo:identities:message:
30 // as though the user clicked the button identified by returnCode. Verified
31 // present in 10.5 through 10.8.
32 - (void)_dismissWithCode:(NSInteger)code;
35 @interface SSLClientCertificateSelectorCocoa ()
36 - (void)onConstrainedWindowClosed;
39 class SSLClientAuthObserverCocoaBridge : public SSLClientAuthObserver,
40 public ConstrainedWindowMacDelegate {
42 SSLClientAuthObserverCocoaBridge(
43 const content::BrowserContext* browser_context,
44 net::SSLCertRequestInfo* cert_request_info,
45 const chrome::SelectCertificateCallback& callback,
46 SSLClientCertificateSelectorCocoa* controller)
47 : SSLClientAuthObserver(browser_context, cert_request_info, callback),
48 controller_(controller) {
51 // SSLClientAuthObserver implementation:
52 void OnCertSelectedByNotification() override {
53 [controller_ closeWebContentsModalDialog];
56 // ConstrainedWindowMacDelegate implementation:
57 void OnConstrainedWindowClosed(ConstrainedWindowMac* window) override {
58 // |onConstrainedWindowClosed| will delete the sheet which might be still
59 // in use higher up the call stack. Wait for the next cycle of the event
60 // loop to call this function.
61 [controller_ performSelector:@selector(onConstrainedWindowClosed)
67 SSLClientCertificateSelectorCocoa* controller_; // weak
72 void ShowSSLClientCertificateSelector(
73 content::WebContents* contents,
74 net::SSLCertRequestInfo* cert_request_info,
75 const SelectCertificateCallback& callback) {
76 DCHECK_CURRENTLY_ON(BrowserThread::UI);
77 // The dialog manages its own lifetime.
78 SSLClientCertificateSelectorCocoa* selector =
79 [[SSLClientCertificateSelectorCocoa alloc]
80 initWithBrowserContext:contents->GetBrowserContext()
81 certRequestInfo:cert_request_info
83 [selector displayForWebContents:contents];
88 @implementation SSLClientCertificateSelectorCocoa
90 - (id)initWithBrowserContext:(const content::BrowserContext*)browserContext
91 certRequestInfo:(net::SSLCertRequestInfo*)certRequestInfo
92 callback:(const chrome::SelectCertificateCallback&)callback {
93 DCHECK(browserContext);
94 DCHECK(certRequestInfo);
95 if ((self = [super init])) {
96 observer_.reset(new SSLClientAuthObserverCocoaBridge(
97 browserContext, certRequestInfo, callback, self));
102 - (void)sheetDidEnd:(NSWindow*)parent
103 returnCode:(NSInteger)returnCode
104 context:(void*)context {
105 net::X509Certificate* cert = NULL;
106 if (returnCode == NSFileHandlingPanelOKButton) {
107 CFRange range = CFRangeMake(0, CFArrayGetCount(identities_));
109 CFArrayGetFirstIndexOfValue(identities_, range, [panel_ identity]);
111 cert = certificates_[index].get();
116 // Finally, tell the backend which identity (or none) the user selected.
117 observer_->StopObserving();
118 observer_->CertificateSelected(cert);
121 constrainedWindow_->CloseWebContentsModalDialog();
124 - (void)displayForWebContents:(content::WebContents*)webContents {
125 // Create an array of CFIdentityRefs for the certificates:
126 size_t numCerts = observer_->cert_request_info()->client_certs.size();
127 identities_.reset(CFArrayCreateMutable(
128 kCFAllocatorDefault, numCerts, &kCFTypeArrayCallBacks));
129 for (size_t i = 0; i < numCerts; ++i) {
130 SecCertificateRef cert =
131 observer_->cert_request_info()->client_certs[i]->os_cert_handle();
132 SecIdentityRef identity;
133 if (SecIdentityCreateWithCertificate(NULL, cert, &identity) == noErr) {
134 CFArrayAppendValue(identities_, identity);
136 certificates_.push_back(observer_->cert_request_info()->client_certs[i]);
140 // Get the message to display:
141 NSString* message = l10n_util::GetNSStringF(
142 IDS_CLIENT_CERT_DIALOG_TEXT,
144 observer_->cert_request_info()->host_and_port.ToString()));
146 // Create and set up a system choose-identity panel.
147 panel_.reset([[SFChooseIdentityPanel alloc] init]);
148 [panel_ setInformativeText:message];
149 [panel_ setDefaultButtonTitle:l10n_util::GetNSString(IDS_OK)];
150 [panel_ setAlternateButtonTitle:l10n_util::GetNSString(IDS_CANCEL)];
151 SecPolicyRef sslPolicy;
152 if (net::x509_util::CreateSSLClientPolicy(&sslPolicy) == noErr) {
153 [panel_ setPolicies:(id)sslPolicy];
154 CFRelease(sslPolicy);
157 constrainedWindow_.reset(
158 new ConstrainedWindowMac(observer_.get(), webContents, self));
159 observer_->StartObserving();
162 - (void)closeWebContentsModalDialog {
163 DCHECK(constrainedWindow_);
164 constrainedWindow_->CloseWebContentsModalDialog();
167 - (NSWindow*)overlayWindow {
168 return overlayWindow_;
171 - (SFChooseIdentityPanel*)panel {
175 - (void)showSheetForWindow:(NSWindow*)window {
176 NSString* title = l10n_util::GetNSString(IDS_CLIENT_CERT_DIALOG_TITLE);
177 overlayWindow_.reset([window retain]);
178 [panel_ beginSheetForWindow:window
180 didEndSelector:@selector(sheetDidEnd:returnCode:context:)
182 identities:base::mac::CFToNSCast(identities_)
186 - (void)closeSheetWithAnimation:(BOOL)withAnimation {
188 overlayWindow_.reset();
189 // Closing the sheet using -[NSApp endSheet:] doesn't work so use the private
191 [panel_ _dismissWithCode:NSFileHandlingPanelCancelButton];
195 NSWindow* sheetWindow = [overlayWindow_ attachedSheet];
196 [sheetWindow setAlphaValue:0.0];
198 oldResizesSubviews_ = [[sheetWindow contentView] autoresizesSubviews];
199 [[sheetWindow contentView] setAutoresizesSubviews:NO];
201 oldSheetFrame_ = [sheetWindow frame];
202 NSRect overlayFrame = [overlayWindow_ frame];
203 oldSheetFrame_.origin.x -= NSMinX(overlayFrame);
204 oldSheetFrame_.origin.y -= NSMinY(overlayFrame);
205 [sheetWindow setFrame:ui::kWindowSizeDeterminedLater display:NO];
208 - (void)unhideSheet {
209 NSWindow* sheetWindow = [overlayWindow_ attachedSheet];
210 NSRect overlayFrame = [overlayWindow_ frame];
211 oldSheetFrame_.origin.x += NSMinX(overlayFrame);
212 oldSheetFrame_.origin.y += NSMinY(overlayFrame);
213 [sheetWindow setFrame:oldSheetFrame_ display:NO];
214 [[sheetWindow contentView] setAutoresizesSubviews:oldResizesSubviews_];
215 [[overlayWindow_ attachedSheet] setAlphaValue:1.0];
222 - (void)makeSheetKeyAndOrderFront {
223 [[overlayWindow_ attachedSheet] makeKeyAndOrderFront:nil];
226 - (void)updateSheetPosition {
230 - (void)onConstrainedWindowClosed {
231 observer_->StopObserving();
233 constrainedWindow_.reset();