chrome/browser/ui/android/ssl_client_certificate_request.h - Issue 12374020: Add Android support for SSL client authentication to the browser layer.

Side by Side Diff: chrome/browser/ui/android/ssl_client_certificate_request.h

Issue 12374020: Add Android support for SSL client authentication to the browser layer. (Closed) Base URL: http://git.chromium.org/chromium/src.git@client-cert-test

Patch Set: optimizations Created 7 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « chrome/browser/android/chrome_jni_registrar.cc ('k') | chrome/browser/ui/android/ssl_client_certificate_request.cc » ('j') | chrome/browser/ui/android/ssl_client_certificate_selector.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
(Empty)
	1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #ifndef CHROME_BROWSER_UI_ANDROID_SSL_CLIENT_CERTIFICATE_REQUEST_H_

	6 #define CHROME_BROWSER_UI_ANDROID_SSL_CLIENT_CERTIFICATE_REQUEST_H_

	7

	8 #include <jni.h>

	9

	10 #include "base/android/scoped_java_ref.h"

	11 #include "base/basictypes.h"

	12 #include "base/memory/ref_counted.h"

	13 #include "base/string_piece.h"

	14

	15 namespace net {

	16 class SSLCertRequestInfo;

	17 } // namespace net

	18

	19 namespace chrome {

	20 namespace android {

	21

	22 // This is the C++ counterpart of the Java SSLClientCertificateRequest

	23 // class. Usage example:

	24 //

	25 // 1/ Create your own subclass and override the OnCertificateSelected()

	26 // method.

	27 //

	28 // class MyRequest : public SSLClientCertificateRequest {

	29 // ...

	30 // virtual void OnCertificateSelection(....) OVERRIDE;

	31 // ...

	32 // };

	33 //

	34 // 2/ Start an asynchronous client certificate on the UI thread with:

	35 //

	36 // scoped_refptr<MyRequest> my_request(new MyRequest());

	37 // if (!my_request->Start(cert_request_info)) {

	38 // LOG(ERROR) << "Could not start client certificate selection";

	39 // ...

	40 // }

	41 //

	42 // 3/ Later, the UI thread will call back your request's

	43 // OnCertificateSelected() method with the results.

	44 //

	45 // Note the following limitations, coming from the platform APIS:

	46 //

	47 // - It's not possible to cancel a request once it has been started.

	48 //

	49 // - Each request will launch a system activity which pauses the UI

	50 // thread.

	51 //

	52 // - If the user fails to select a certificate, fails to unlock access

	53 // to the credential storage, or another error occurs, the

	54 // OnCertificateSelected method is called with NULL parameters. There

	55 // is no way to know exactly what happened though.

	56 //

	57 // This class must only be used on the UI thread.

	58 class SSLClientCertificateRequest

	59 : public base::RefCounted<SSLClientCertificateRequest> {
	Ryan Sleevi 2013/03/05 18:02:41 It's still not clear to me at all that you need Re It's still not clear to me at all that you need RefCounting to protect the lifetime of this class. It's much clearer, and harder to misuse (since deriving from RefCounting makes it part of the public interface), to simply have the object clean up after itself (eg: "delete this") digit1 2013/03/06 01:48:33 I've experimented a little and could get rid of th I've experimented a little and could get rid of the refcounting entirely. I also got rid of the SSLClientCertificateRequest class. See latest patch for details.
	60 public:

	61 SSLClientCertificateRequest() { }

	62

	63 // Launch an asynchronous client certificate system activity.

	64 // \|cert_request_info\| holds the client certificate request details.

	65 // Returns true on success, false otherwise. Note that failure only

	66 // means that the system activity could not be launched.

	67 // On success, this increments the delegate's reference count.

	68 bool Start(const net::SSLCertRequestInfo* cert_request_info);

	69

	70 // Called to pass the result of client certificate selection.

	71 // \|encoded_chain\| is the encoded selected client certificate chain,

	72 // where each item is a DER-encoded X.509 certificate.

	73 // \|private_key\| is local JNI reference to the platform's

	74 // PrivateKey object for this certificate.

	75 // Note: both parameters will be NULL to indicate the user didn't

	76 // select a certificate.

	77 virtual void OnCertificateSelected(

	78 std::vector<base::StringPiece>* encoded_chain,

	79 jobject private_key) = 0;

	80

	81 // INTERNAL USE ONLY: The only reason this method is public is to be

	82 // called from the auto-generated JNI wrapper code. Do not use it.

	83 // This is called by the system on the UI thread to pass the

	84 // selected certificate. This function ends up calling

	85 // OnCertificateSelected() after extracting the encoded chain from

	86 // the corresponding JNI reference.

	87 void OnSystemRequestCompletion(JNIEnv* env,

	88 jobject object,

	89 jobjectArray encoded_chain_ref,

	90 jobject private_key_ref);

	91

	92 protected:

	93 virtual ~SSLClientCertificateRequest() { }

	94

	95 private:

	96 friend class base::RefCounted<SSLClientCertificateRequest>;

	97

	98 DISALLOW_COPY_AND_ASSIGN(SSLClientCertificateRequest);

	99 };

	100

	101 // Register JNI methods.

	102 bool RegisterSSLClientCertificateRequestAndroid(JNIEnv* env);

	103

	104 } // namespace android

	105 } // namespace chrome

	106

	107 #endif // CHROME_BROWSER_UI_ANDROID_SSL_CLIENT_CERTIFICATE_REQUEST_H_

OLD	NEW