1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "content/browser/ssl/ssl_client_auth_handler.h"
8 #include "base/callback_helpers.h"
9 #include "content/public/browser/browser_thread.h"
10 #include "content/public/browser/content_browser_client.h"
11 #include "content/public/browser/resource_request_info.h"
12 #include "net/ssl/client_cert_store.h"
13 #include "net/url_request/url_request.h"
17 SSLClientAuthHandler::SSLClientAuthHandler(
18 scoped_ptr
<net::ClientCertStore
> client_cert_store
,
19 net::URLRequest
* request
,
20 net::SSLCertRequestInfo
* cert_request_info
,
21 const SSLClientAuthHandler::CertificateCallback
& callback
)
23 cert_request_info_(cert_request_info
),
24 client_cert_store_(client_cert_store
.Pass()),
26 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO
));
29 SSLClientAuthHandler::~SSLClientAuthHandler() {
30 // If we were simply dropped, then act as if we selected no certificate.
31 DoCertificateSelected(NULL
);
34 void SSLClientAuthHandler::OnRequestCancelled() {
39 void SSLClientAuthHandler::SelectCertificate() {
40 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO
));
43 if (client_cert_store_
) {
44 client_cert_store_
->GetClientCerts(
46 &cert_request_info_
->client_certs
,
47 base::Bind(&SSLClientAuthHandler::DidGetClientCerts
, this));
53 void SSLClientAuthHandler::CertificateSelected(net::X509Certificate
* cert
) {
54 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI
));
56 DVLOG(1) << this << " CertificateSelected " << cert
;
57 BrowserThread::PostTask(
58 BrowserThread::IO
, FROM_HERE
,
60 &SSLClientAuthHandler::DoCertificateSelected
, this,
61 make_scoped_refptr(cert
)));
64 void SSLClientAuthHandler::DidGetClientCerts() {
65 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO
));
66 // Request may have cancelled while we were getting client certs.
70 // Note that if |client_cert_store_| is NULL, we intentionally fall through to
71 // DoCertificateSelected. This is for platforms where the client cert matching
72 // is not performed by Chrome, the platform can handle the cert matching
73 // before showing the dialog.
74 if (client_cert_store_
&& cert_request_info_
->client_certs
.empty()) {
75 // No need to query the user if there are no certs to choose from.
76 DoCertificateSelected(NULL
);
80 int render_process_host_id
;
81 int render_frame_host_id
;
82 if (!ResourceRequestInfo::ForRequest(request_
)->GetAssociatedRenderFrame(
83 &render_process_host_id
,
84 &render_frame_host_id
))
87 // If the RVH does not exist by the time this task gets run, then the task
88 // will be dropped and the scoped_refptr to SSLClientAuthHandler will go
89 // away, so we do not leak anything. The destructor takes care of ensuring
90 // the net::URLRequest always gets a response.
91 BrowserThread::PostTask(
92 BrowserThread::UI
, FROM_HERE
,
94 &SSLClientAuthHandler::DoSelectCertificate
, this,
95 render_process_host_id
, render_frame_host_id
));
98 void SSLClientAuthHandler::DoCertificateSelected(net::X509Certificate
* cert
) {
99 DVLOG(1) << this << " DoCertificateSelected " << cert
;
100 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO
));
101 // request_ could have been NULLed if the request was cancelled while the
102 // user was choosing a cert, or because we have already responded to the
106 DCHECK(!callback_
.is_null());
107 base::ResetAndReturn(&callback_
).Run(cert
);
111 void SSLClientAuthHandler::DoSelectCertificate(
112 int render_process_host_id
, int render_frame_host_id
) {
113 GetContentClient()->browser()->SelectClientCertificate(
114 render_process_host_id
,
115 render_frame_host_id
,
116 cert_request_info_
.get(),
117 base::Bind(&SSLClientAuthHandler::CertificateSelected
, this));
120 } // namespace content
