Don't show supervised user as "already on this device" while they're being imported.
[chromium-blink-merge.git] / media / blink / key_system_config_selector.cc
blob29fe49288c50ef1e3352ce6347c3c2b33449e440
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "key_system_config_selector.h"
7 #include "base/bind.h"
8 #include "base/logging.h"
9 #include "base/strings/string_util.h"
10 #include "base/strings/utf_string_conversions.h"
11 #include "media/base/cdm_config.h"
12 #include "media/base/key_systems.h"
13 #include "media/base/media_permission.h"
14 #include "media/base/mime_util.h"
15 #include "media/blink/webmediaplayer_util.h"
16 #include "third_party/WebKit/public/platform/WebMediaKeySystemConfiguration.h"
17 #include "third_party/WebKit/public/platform/WebSecurityOrigin.h"
18 #include "third_party/WebKit/public/platform/WebString.h"
19 #include "third_party/WebKit/public/platform/WebVector.h"
20 #include "url/gurl.h"
22 namespace media {
24 using EmeFeatureRequirement =
25 blink::WebMediaKeySystemConfiguration::Requirement;
27 namespace {
29 static EmeConfigRule GetSessionTypeConfigRule(EmeSessionTypeSupport support) {
30 switch (support) {
31 case EmeSessionTypeSupport::INVALID:
32 NOTREACHED();
33 return EmeConfigRule::NOT_SUPPORTED;
34 case EmeSessionTypeSupport::NOT_SUPPORTED:
35 return EmeConfigRule::NOT_SUPPORTED;
36 case EmeSessionTypeSupport::SUPPORTED_WITH_IDENTIFIER:
37 return EmeConfigRule::IDENTIFIER_AND_PERSISTENCE_REQUIRED;
38 case EmeSessionTypeSupport::SUPPORTED:
39 return EmeConfigRule::PERSISTENCE_REQUIRED;
41 NOTREACHED();
42 return EmeConfigRule::NOT_SUPPORTED;
45 static EmeConfigRule GetDistinctiveIdentifierConfigRule(
46 EmeFeatureSupport support,
47 EmeFeatureRequirement requirement) {
48 if (support == EmeFeatureSupport::INVALID) {
49 NOTREACHED();
50 return EmeConfigRule::NOT_SUPPORTED;
53 // For NOT_ALLOWED and REQUIRED, the result is as expected. For OPTIONAL, we
54 // return the most restrictive rule that is not more restrictive than for
55 // NOT_ALLOWED or REQUIRED. Those values will be checked individually when
56 // the option is resolved.
58 // NOT_ALLOWED OPTIONAL REQUIRED
59 // NOT_SUPPORTED I_NOT_ALLOWED I_NOT_ALLOWED NOT_SUPPORTED
60 // REQUESTABLE I_NOT_ALLOWED SUPPORTED I_REQUIRED
61 // ALWAYS_ENABLED NOT_SUPPORTED I_REQUIRED I_REQUIRED
62 DCHECK(support == EmeFeatureSupport::NOT_SUPPORTED ||
63 support == EmeFeatureSupport::REQUESTABLE ||
64 support == EmeFeatureSupport::ALWAYS_ENABLED);
65 DCHECK(requirement == EmeFeatureRequirement::NotAllowed ||
66 requirement == EmeFeatureRequirement::Optional ||
67 requirement == EmeFeatureRequirement::Required);
68 if ((support == EmeFeatureSupport::NOT_SUPPORTED &&
69 requirement == EmeFeatureRequirement::Required) ||
70 (support == EmeFeatureSupport::ALWAYS_ENABLED &&
71 requirement == EmeFeatureRequirement::NotAllowed)) {
72 return EmeConfigRule::NOT_SUPPORTED;
74 if (support == EmeFeatureSupport::REQUESTABLE &&
75 requirement == EmeFeatureRequirement::Optional) {
76 return EmeConfigRule::SUPPORTED;
78 if (support == EmeFeatureSupport::NOT_SUPPORTED ||
79 requirement == EmeFeatureRequirement::NotAllowed) {
80 return EmeConfigRule::IDENTIFIER_NOT_ALLOWED;
82 return EmeConfigRule::IDENTIFIER_REQUIRED;
85 static EmeConfigRule GetPersistentStateConfigRule(
86 EmeFeatureSupport support,
87 EmeFeatureRequirement requirement) {
88 if (support == EmeFeatureSupport::INVALID) {
89 NOTREACHED();
90 return EmeConfigRule::NOT_SUPPORTED;
93 // For NOT_ALLOWED and REQUIRED, the result is as expected. For OPTIONAL, we
94 // return the most restrictive rule that is not more restrictive than for
95 // NOT_ALLOWED or REQUIRED. Those values will be checked individually when
96 // the option is resolved.
98 // Note that even though a distinctive identifier can not be required for
99 // persistent state, it may still be required for persistent sessions.
101 // NOT_ALLOWED OPTIONAL REQUIRED
102 // NOT_SUPPORTED P_NOT_ALLOWED P_NOT_ALLOWED NOT_SUPPORTED
103 // REQUESTABLE P_NOT_ALLOWED SUPPORTED P_REQUIRED
104 // ALWAYS_ENABLED NOT_SUPPORTED P_REQUIRED P_REQUIRED
105 DCHECK(support == EmeFeatureSupport::NOT_SUPPORTED ||
106 support == EmeFeatureSupport::REQUESTABLE ||
107 support == EmeFeatureSupport::ALWAYS_ENABLED);
108 DCHECK(requirement == EmeFeatureRequirement::NotAllowed ||
109 requirement == EmeFeatureRequirement::Optional ||
110 requirement == EmeFeatureRequirement::Required);
111 if ((support == EmeFeatureSupport::NOT_SUPPORTED &&
112 requirement == EmeFeatureRequirement::Required) ||
113 (support == EmeFeatureSupport::ALWAYS_ENABLED &&
114 requirement == EmeFeatureRequirement::NotAllowed)) {
115 return EmeConfigRule::NOT_SUPPORTED;
117 if (support == EmeFeatureSupport::REQUESTABLE &&
118 requirement == EmeFeatureRequirement::Optional) {
119 return EmeConfigRule::SUPPORTED;
121 if (support == EmeFeatureSupport::NOT_SUPPORTED ||
122 requirement == EmeFeatureRequirement::NotAllowed) {
123 return EmeConfigRule::PERSISTENCE_NOT_ALLOWED;
125 return EmeConfigRule::PERSISTENCE_REQUIRED;
128 } // namespace
130 struct KeySystemConfigSelector::SelectionRequest {
131 std::string key_system;
132 blink::WebVector<blink::WebMediaKeySystemConfiguration>
133 candidate_configurations;
134 blink::WebSecurityOrigin security_origin;
135 base::Callback<void(const blink::WebMediaKeySystemConfiguration&,
136 const CdmConfig&)> succeeded_cb;
137 base::Callback<void(const blink::WebString&)> not_supported_cb;
138 bool was_permission_requested = false;
139 bool is_permission_granted = false;
140 bool are_secure_codecs_supported = false;
143 // Accumulates configuration rules to determine if a feature (additional
144 // configuration rule) can be added to an accumulated configuration.
145 class KeySystemConfigSelector::ConfigState {
146 public:
147 ConfigState(bool was_permission_requested, bool is_permission_granted)
148 : was_permission_requested_(was_permission_requested),
149 is_permission_granted_(is_permission_granted) {}
151 bool IsPermissionGranted() const { return is_permission_granted_; }
153 // Permission is possible if it has not been denied.
154 bool IsPermissionPossible() const {
155 return is_permission_granted_ || !was_permission_requested_;
158 bool IsIdentifierRequired() const { return is_identifier_required_; }
160 bool IsIdentifierRecommended() const { return is_identifier_recommended_; }
162 bool AreHwSecureCodecsRequired() const {
163 return are_hw_secure_codecs_required_;
166 // Checks whether a rule is compatible with all previously added rules.
167 bool IsRuleSupported(EmeConfigRule rule) const {
168 switch (rule) {
169 case EmeConfigRule::NOT_SUPPORTED:
170 return false;
171 case EmeConfigRule::IDENTIFIER_NOT_ALLOWED:
172 return !is_identifier_required_;
173 case EmeConfigRule::IDENTIFIER_REQUIRED:
174 // TODO(sandersd): Confirm if we should be refusing these rules when
175 // permission has been denied (as the spec currently says).
176 return !is_identifier_not_allowed_ && IsPermissionPossible();
177 case EmeConfigRule::IDENTIFIER_RECOMMENDED:
178 return true;
179 case EmeConfigRule::PERSISTENCE_NOT_ALLOWED:
180 return !is_persistence_required_;
181 case EmeConfigRule::PERSISTENCE_REQUIRED:
182 return !is_persistence_not_allowed_;
183 case EmeConfigRule::IDENTIFIER_AND_PERSISTENCE_REQUIRED:
184 return (!is_identifier_not_allowed_ && IsPermissionPossible() &&
185 !is_persistence_not_allowed_);
186 case EmeConfigRule::HW_SECURE_CODECS_NOT_ALLOWED:
187 return !are_hw_secure_codecs_required_;
188 case EmeConfigRule::HW_SECURE_CODECS_REQUIRED:
189 return !are_hw_secure_codecs_not_allowed_;
190 case EmeConfigRule::SUPPORTED:
191 return true;
193 NOTREACHED();
194 return false;
197 // Add a rule to the accumulated configuration state.
198 void AddRule(EmeConfigRule rule) {
199 DCHECK(IsRuleSupported(rule));
200 switch (rule) {
201 case EmeConfigRule::NOT_SUPPORTED:
202 NOTREACHED();
203 return;
204 case EmeConfigRule::IDENTIFIER_NOT_ALLOWED:
205 is_identifier_not_allowed_ = true;
206 return;
207 case EmeConfigRule::IDENTIFIER_REQUIRED:
208 is_identifier_required_ = true;
209 return;
210 case EmeConfigRule::IDENTIFIER_RECOMMENDED:
211 is_identifier_recommended_ = true;
212 return;
213 case EmeConfigRule::PERSISTENCE_NOT_ALLOWED:
214 is_persistence_not_allowed_ = true;
215 return;
216 case EmeConfigRule::PERSISTENCE_REQUIRED:
217 is_persistence_required_ = true;
218 return;
219 case EmeConfigRule::IDENTIFIER_AND_PERSISTENCE_REQUIRED:
220 is_identifier_required_ = true;
221 is_persistence_required_ = true;
222 return;
223 case EmeConfigRule::HW_SECURE_CODECS_NOT_ALLOWED:
224 are_hw_secure_codecs_not_allowed_ = true;
225 return;
226 case EmeConfigRule::HW_SECURE_CODECS_REQUIRED:
227 are_hw_secure_codecs_required_ = true;
228 return;
229 case EmeConfigRule::SUPPORTED:
230 return;
232 NOTREACHED();
235 private:
236 // Whether permission to use a distinctive identifier was requested. If set,
237 // |is_permission_granted_| represents the final decision.
238 // (Not changed by adding rules.)
239 bool was_permission_requested_;
241 // Whether permission to use a distinctive identifier has been granted.
242 // (Not changed by adding rules.)
243 bool is_permission_granted_;
245 // Whether a rule has been added that requires or blocks a distinctive
246 // identifier.
247 bool is_identifier_required_ = false;
248 bool is_identifier_not_allowed_ = false;
250 // Whether a rule has been added that recommends a distinctive identifier.
251 bool is_identifier_recommended_ = false;
253 // Whether a rule has been added that requires or blocks persistent state.
254 bool is_persistence_required_ = false;
255 bool is_persistence_not_allowed_ = false;
257 // Whether a rule has been added that requires or blocks hardware-secure
258 // codecs.
259 bool are_hw_secure_codecs_required_ = false;
260 bool are_hw_secure_codecs_not_allowed_ = false;
263 KeySystemConfigSelector::KeySystemConfigSelector(
264 const KeySystems* key_systems,
265 MediaPermission* media_permission)
266 : key_systems_(key_systems),
267 media_permission_(media_permission),
268 weak_factory_(this) {
269 DCHECK(key_systems_);
270 DCHECK(media_permission_);
273 KeySystemConfigSelector::~KeySystemConfigSelector() {
276 bool KeySystemConfigSelector::IsSupportedContentType(
277 const std::string& key_system,
278 EmeMediaType media_type,
279 const std::string& container_mime_type,
280 const std::string& codecs,
281 KeySystemConfigSelector::ConfigState* config_state) {
282 // TODO(sandersd): Move contentType parsing from Blink to here so that invalid
283 // parameters can be rejected. http://crbug.com/417561
284 std::string container_lower = base::StringToLowerASCII(container_mime_type);
286 // Check that |container_mime_type| is supported by Chrome.
287 if (!media::IsSupportedMediaMimeType(container_lower))
288 return false;
290 // Check that |codecs| are supported by Chrome. This is done primarily to
291 // validate extended codecs, but it also ensures that the CDM cannot support
292 // codecs that Chrome does not (which could complicate the robustness
293 // algorithm).
294 std::vector<std::string> codec_vector;
295 media::ParseCodecString(codecs, &codec_vector, false);
296 if (!codec_vector.empty() &&
297 (media::IsSupportedStrictMediaMimeType(container_lower, codec_vector) !=
298 media::IsSupported)) {
299 return false;
302 // Check that |container_mime_type| and |codecs| are supported by the CDM.
303 // This check does not handle extended codecs, so extended codec information
304 // is stripped (extended codec information was checked above).
305 std::vector<std::string> stripped_codec_vector;
306 media::ParseCodecString(codecs, &stripped_codec_vector, true);
307 EmeConfigRule codecs_rule = key_systems_->GetContentTypeConfigRule(
308 key_system, media_type, container_lower, stripped_codec_vector);
309 if (!config_state->IsRuleSupported(codecs_rule))
310 return false;
311 config_state->AddRule(codecs_rule);
313 return true;
316 bool KeySystemConfigSelector::GetSupportedCapabilities(
317 const std::string& key_system,
318 EmeMediaType media_type,
319 const blink::WebVector<blink::WebMediaKeySystemMediaCapability>&
320 requested_media_capabilities,
321 KeySystemConfigSelector::ConfigState* config_state,
322 std::vector<blink::WebMediaKeySystemMediaCapability>*
323 supported_media_capabilities) {
324 // From
325 // https://w3c.github.io/encrypted-media/#get-supported-capabilities-for-media-type
326 // 1. Let local accumulated capabilities be a local copy of partial
327 // configuration.
328 // (Skipped as we directly update |config_state|. This is safe because we
329 // only do so when at least one requested media capability is supported.)
330 // 2. Let supported media capabilities be empty.
331 DCHECK_EQ(supported_media_capabilities->size(), 0ul);
332 // 3. For each value in requested media capabilities:
333 for (size_t i = 0; i < requested_media_capabilities.size(); i++) {
334 // 3.1. Let contentType be the value's contentType member.
335 // 3.2. Let robustness be the value's robustness member.
336 const blink::WebMediaKeySystemMediaCapability& capability =
337 requested_media_capabilities[i];
338 // 3.3. If contentType is the empty string, return null.
339 if (capability.mimeType.isEmpty()) {
340 DVLOG(2) << "Rejecting requested configuration because "
341 << "a capability contentType was empty.";
342 return false;
345 // 3.4-3.11. (Implemented by IsSupportedContentType().)
346 ConfigState proposed_config_state = *config_state;
347 if (!base::IsStringASCII(capability.mimeType) ||
348 !base::IsStringASCII(capability.codecs) ||
349 !IsSupportedContentType(key_system, media_type,
350 base::UTF16ToASCII(capability.mimeType),
351 base::UTF16ToASCII(capability.codecs),
352 &proposed_config_state)) {
353 continue;
355 // 3.12. If robustness is not the empty string, run the following steps:
356 if (!capability.robustness.isEmpty()) {
357 // 3.12.1. If robustness is an unrecognized value or not supported by
358 // implementation, continue to the next iteration. String
359 // comparison is case-sensitive.
360 if (!base::IsStringASCII(capability.robustness))
361 continue;
362 EmeConfigRule robustness_rule = key_systems_->GetRobustnessConfigRule(
363 key_system, media_type, base::UTF16ToASCII(capability.robustness));
364 if (!proposed_config_state.IsRuleSupported(robustness_rule))
365 continue;
366 proposed_config_state.AddRule(robustness_rule);
367 // 3.12.2. Add robustness to configuration.
368 // (It's already added, we use capability as configuration.)
370 // 3.13. If the user agent and implementation do not support playback of
371 // encrypted media data as specified by configuration, including all
372 // media types, in combination with local accumulated capabilities,
373 // continue to the next iteration.
374 // (This is handled when adding rules to |proposed_config_state|.)
375 // 3.14. Add configuration to supported media capabilities.
376 supported_media_capabilities->push_back(capability);
377 // 3.15. Add configuration to local accumulated capabilities.
378 *config_state = proposed_config_state;
380 // 4. If supported media capabilities is empty, return null.
381 if (supported_media_capabilities->empty()) {
382 DVLOG(2) << "Rejecting requested configuration because "
383 << "no capabilities were supported.";
384 return false;
386 // 5. Return media type capabilities.
387 return true;
390 KeySystemConfigSelector::ConfigurationSupport
391 KeySystemConfigSelector::GetSupportedConfiguration(
392 const std::string& key_system,
393 const blink::WebMediaKeySystemConfiguration& candidate,
394 ConfigState* config_state,
395 blink::WebMediaKeySystemConfiguration* accumulated_configuration) {
396 // From https://w3c.github.io/encrypted-media/#get-supported-configuration
397 // 1. Let accumulated configuration be empty. (Done by caller.)
398 // 2. If the initDataTypes member is present in candidate configuration, run
399 // the following steps:
400 if (candidate.hasInitDataTypes) {
401 // 2.1. Let supported types be empty.
402 std::vector<blink::WebEncryptedMediaInitDataType> supported_types;
404 // 2.2. For each value in candidate configuration's initDataTypes member:
405 for (size_t i = 0; i < candidate.initDataTypes.size(); i++) {
406 // 2.2.1. Let initDataType be the value.
407 blink::WebEncryptedMediaInitDataType init_data_type =
408 candidate.initDataTypes[i];
409 // 2.2.2. If the implementation supports generating requests based on
410 // initDataType, add initDataType to supported types. String
411 // comparison is case-sensitive. The empty string is never
412 // supported.
413 if (key_systems_->IsSupportedInitDataType(
414 key_system, ConvertToEmeInitDataType(init_data_type))) {
415 supported_types.push_back(init_data_type);
419 // 2.3. If supported types is empty, return null.
420 if (supported_types.empty()) {
421 DVLOG(2) << "Rejecting requested configuration because "
422 << "no initDataType values were supported.";
423 return CONFIGURATION_NOT_SUPPORTED;
426 // 2.4. Add supported types to accumulated configuration.
427 accumulated_configuration->initDataTypes = supported_types;
430 // 3. Follow the steps for the value of candidate configuration's
431 // distinctiveIdentifier member from the following list:
432 // - "required": If the implementation does not support a persistent
433 // Distinctive Identifier in combination with accumulated
434 // configuration, return null.
435 // - "optional": Continue.
436 // - "not-allowed": If the implementation requires a Distinctive
437 // Identifier in combination with accumulated configuration, return
438 // null.
439 // We also reject OPTIONAL when distinctive identifiers are ALWAYS_ENABLED and
440 // permission has already been denied. This would happen anyway at step 11.
441 EmeConfigRule di_rule = GetDistinctiveIdentifierConfigRule(
442 key_systems_->GetDistinctiveIdentifierSupport(key_system),
443 candidate.distinctiveIdentifier);
444 if (!config_state->IsRuleSupported(di_rule)) {
445 DVLOG(2) << "Rejecting requested configuration because "
446 << "the distinctiveIdentifier requirement was not supported.";
447 return CONFIGURATION_NOT_SUPPORTED;
449 config_state->AddRule(di_rule);
451 // 4. Add the value of the candidate configuration's distinctiveIdentifier
452 // member to accumulated configuration.
453 accumulated_configuration->distinctiveIdentifier =
454 candidate.distinctiveIdentifier;
456 // 5. Follow the steps for the value of candidate configuration's
457 // persistentState member from the following list:
458 // - "required": If the implementation does not support persisting state
459 // in combination with accumulated configuration, return null.
460 // - "optional": Continue.
461 // - "not-allowed": If the implementation requires persisting state in
462 // combination with accumulated configuration, return null.
463 EmeConfigRule ps_rule = GetPersistentStateConfigRule(
464 key_systems_->GetPersistentStateSupport(key_system),
465 candidate.persistentState);
466 if (!config_state->IsRuleSupported(ps_rule)) {
467 DVLOG(2) << "Rejecting requested configuration because "
468 << "the persistentState requirement was not supported.";
469 return CONFIGURATION_NOT_SUPPORTED;
471 config_state->AddRule(ps_rule);
473 // 6. Add the value of the candidate configuration's persistentState
474 // member to accumulated configuration.
475 accumulated_configuration->persistentState = candidate.persistentState;
477 // 7. Follow the steps for the first matching condition from the following
478 // list:
479 // - If the sessionTypes member is present in candidate configuration,
480 // let session types be candidate configuration's sessionTypes member.
481 // - Otherwise, let session types be [ "temporary" ].
482 blink::WebVector<blink::WebEncryptedMediaSessionType> session_types;
483 if (candidate.hasSessionTypes) {
484 session_types = candidate.sessionTypes;
485 } else {
486 std::vector<blink::WebEncryptedMediaSessionType> temporary(1);
487 temporary[0] = blink::WebEncryptedMediaSessionType::Temporary;
488 session_types = temporary;
491 // 8. For each value in session types:
492 for (size_t i = 0; i < session_types.size(); i++) {
493 // 8.1. Let session type be the value.
494 blink::WebEncryptedMediaSessionType session_type = session_types[i];
495 // 8.2. If the implementation does not support session type in combination
496 // with accumulated configuration, return null.
497 // 8.3. If session type is "persistent-license" or
498 // "persistent-release-message", follow the steps for accumulated
499 // configuration's persistentState value from the following list:
500 // - "required": Continue.
501 // - "optional": Change accumulated configuration's persistentState
502 // value to "required".
503 // - "not-allowed": Return null.
504 EmeConfigRule session_type_rule = EmeConfigRule::NOT_SUPPORTED;
505 switch (session_type) {
506 case blink::WebEncryptedMediaSessionType::Unknown:
507 DVLOG(2) << "Rejecting requested configuration because "
508 << "a required session type was not recognized.";
509 return CONFIGURATION_NOT_SUPPORTED;
510 case blink::WebEncryptedMediaSessionType::Temporary:
511 session_type_rule = EmeConfigRule::SUPPORTED;
512 break;
513 case blink::WebEncryptedMediaSessionType::PersistentLicense:
514 session_type_rule = GetSessionTypeConfigRule(
515 key_systems_->GetPersistentLicenseSessionSupport(key_system));
516 break;
517 case blink::WebEncryptedMediaSessionType::PersistentReleaseMessage:
518 session_type_rule = GetSessionTypeConfigRule(
519 key_systems_->GetPersistentReleaseMessageSessionSupport(
520 key_system));
521 break;
523 if (!config_state->IsRuleSupported(session_type_rule)) {
524 DVLOG(2) << "Rejecting requested configuration because "
525 << "a required session type was not supported.";
526 return CONFIGURATION_NOT_SUPPORTED;
528 config_state->AddRule(session_type_rule);
531 // 9. Add session types to accumulated configuration.
532 accumulated_configuration->sessionTypes = session_types;
534 // 10. If the videoCapabilities member is present in candidate configuration:
535 if (candidate.hasVideoCapabilities) {
536 // 10.1. Let video capabilities be the result of executing the Get Supported
537 // Capabilities for Media Type algorithm on Video, candidate
538 // configuration's videoCapabilities member, and accumulated
539 // configuration.
540 // 10.2. If video capabilities is null, return null.
541 std::vector<blink::WebMediaKeySystemMediaCapability> video_capabilities;
542 if (!GetSupportedCapabilities(key_system, EmeMediaType::VIDEO,
543 candidate.videoCapabilities, config_state,
544 &video_capabilities)) {
545 return CONFIGURATION_NOT_SUPPORTED;
548 // 10.3. Add video capabilities to accumulated configuration.
549 accumulated_configuration->videoCapabilities = video_capabilities;
552 // 11. If the audioCapabilities member is present in candidate configuration:
553 if (candidate.hasAudioCapabilities) {
554 // 11.1. Let audio capabilities be the result of executing the Get Supported
555 // Capabilities for Media Type algorithm on Audio, candidate
556 // configuration's audioCapabilities member, and accumulated
557 // configuration.
558 // 11.2. If audio capabilities is null, return null.
559 std::vector<blink::WebMediaKeySystemMediaCapability> audio_capabilities;
560 if (!GetSupportedCapabilities(key_system, EmeMediaType::AUDIO,
561 candidate.audioCapabilities, config_state,
562 &audio_capabilities)) {
563 return CONFIGURATION_NOT_SUPPORTED;
566 // 11.3. Add audio capabilities to accumulated configuration.
567 accumulated_configuration->audioCapabilities = audio_capabilities;
570 // 12. If accumulated configuration's distinctiveIdentifier value is
571 // "optional", follow the steps for the first matching condition from the
572 // following list:
573 // - If the implementation requires a Distinctive Identifier for any of
574 // the combinations in accumulated configuration, change accumulated
575 // configuration's distinctiveIdentifier value to "required".
576 // - Otherwise, change accumulated configuration's distinctiveIdentifier
577 // value to "not-allowed".
578 if (accumulated_configuration->distinctiveIdentifier ==
579 blink::WebMediaKeySystemConfiguration::Requirement::Optional) {
580 EmeConfigRule not_allowed_rule = GetDistinctiveIdentifierConfigRule(
581 key_systems_->GetDistinctiveIdentifierSupport(key_system),
582 EmeFeatureRequirement::NotAllowed);
583 EmeConfigRule required_rule = GetDistinctiveIdentifierConfigRule(
584 key_systems_->GetDistinctiveIdentifierSupport(key_system),
585 EmeFeatureRequirement::Required);
586 bool not_allowed_supported =
587 config_state->IsRuleSupported(not_allowed_rule);
588 bool required_supported = config_state->IsRuleSupported(required_rule);
589 // If a distinctive identifier is recommend and that is a possible outcome,
590 // prefer that.
591 if (required_supported && config_state->IsIdentifierRecommended() &&
592 config_state->IsPermissionPossible()) {
593 not_allowed_supported = false;
595 if (not_allowed_supported) {
596 accumulated_configuration->distinctiveIdentifier =
597 blink::WebMediaKeySystemConfiguration::Requirement::NotAllowed;
598 config_state->AddRule(not_allowed_rule);
599 } else if (required_supported) {
600 accumulated_configuration->distinctiveIdentifier =
601 blink::WebMediaKeySystemConfiguration::Requirement::Required;
602 config_state->AddRule(required_rule);
603 } else {
604 // We should not have passed step 3.
605 NOTREACHED();
606 return CONFIGURATION_NOT_SUPPORTED;
610 // 13. If accumulated configuration's persistentState value is "optional",
611 // follow the steps for the first matching condition from the following
612 // list:
613 // - If the implementation requires persisting state for any of the
614 // combinations in accumulated configuration, change accumulated
615 // configuration's persistentState value to "required".
616 // - Otherwise, change accumulated configuration's persistentState value
617 // to "not-allowed".
618 if (accumulated_configuration->persistentState ==
619 blink::WebMediaKeySystemConfiguration::Requirement::Optional) {
620 EmeConfigRule not_allowed_rule = GetPersistentStateConfigRule(
621 key_systems_->GetPersistentStateSupport(key_system),
622 EmeFeatureRequirement::NotAllowed);
623 EmeConfigRule required_rule = GetPersistentStateConfigRule(
624 key_systems_->GetPersistentStateSupport(key_system),
625 EmeFeatureRequirement::Required);
626 // |distinctiveIdentifier| should not be affected after it is decided.
627 DCHECK(not_allowed_rule == EmeConfigRule::NOT_SUPPORTED ||
628 not_allowed_rule == EmeConfigRule::PERSISTENCE_NOT_ALLOWED);
629 DCHECK(required_rule == EmeConfigRule::NOT_SUPPORTED ||
630 required_rule == EmeConfigRule::PERSISTENCE_REQUIRED);
631 bool not_allowed_supported =
632 config_state->IsRuleSupported(not_allowed_rule);
633 bool required_supported = config_state->IsRuleSupported(required_rule);
634 if (not_allowed_supported) {
635 accumulated_configuration->persistentState =
636 blink::WebMediaKeySystemConfiguration::Requirement::NotAllowed;
637 config_state->AddRule(not_allowed_rule);
638 } else if (required_supported) {
639 accumulated_configuration->persistentState =
640 blink::WebMediaKeySystemConfiguration::Requirement::Required;
641 config_state->AddRule(required_rule);
642 } else {
643 // We should not have passed step 5.
644 NOTREACHED();
645 return CONFIGURATION_NOT_SUPPORTED;
649 // 14. If implementation in the configuration specified by the combination of
650 // the values in accumulated configuration is not supported or not allowed
651 // in the origin, return null.
652 // 15. If accumulated configuration's distinctiveIdentifier value is
653 // "required", [prompt the user for consent].
654 if (accumulated_configuration->distinctiveIdentifier ==
655 blink::WebMediaKeySystemConfiguration::Requirement::Required) {
656 // The caller is responsible for resolving what to do if permission is
657 // required but has been denied (it should treat it as NOT_SUPPORTED).
658 if (!config_state->IsPermissionGranted())
659 return CONFIGURATION_REQUIRES_PERMISSION;
662 // 16. If the label member is present in candidate configuration, add the
663 // value of the candidate configuration's label member to accumulated
664 // configuration.
665 accumulated_configuration->label = candidate.label;
667 // 17. Return accumulated configuration.
668 return CONFIGURATION_SUPPORTED;
671 void KeySystemConfigSelector::SelectConfig(
672 const blink::WebString& key_system,
673 const blink::WebVector<blink::WebMediaKeySystemConfiguration>&
674 candidate_configurations,
675 const blink::WebSecurityOrigin& security_origin,
676 bool are_secure_codecs_supported,
677 base::Callback<void(const blink::WebMediaKeySystemConfiguration&,
678 const CdmConfig&)> succeeded_cb,
679 base::Callback<void(const blink::WebString&)> not_supported_cb) {
680 // Continued from requestMediaKeySystemAccess(), step 7, from
681 // https://w3c.github.io/encrypted-media/#requestmediakeysystemaccess
683 // 7.1. If keySystem is not one of the Key Systems supported by the user
684 // agent, reject promise with with a new DOMException whose name is
685 // NotSupportedError. String comparison is case-sensitive.
686 if (!base::IsStringASCII(key_system)) {
687 not_supported_cb.Run("Only ASCII keySystems are supported");
688 return;
691 std::string key_system_ascii = base::UTF16ToASCII(key_system);
692 if (!key_systems_->IsSupportedKeySystem(key_system_ascii)) {
693 not_supported_cb.Run("Unsupported keySystem");
694 return;
697 // 7.2-7.4. Implemented by OnSelectConfig().
698 // TODO(sandersd): This should be async, ideally not on the main thread.
699 scoped_ptr<SelectionRequest> request(new SelectionRequest());
700 request->key_system = key_system_ascii;
701 request->candidate_configurations = candidate_configurations;
702 request->security_origin = security_origin;
703 request->are_secure_codecs_supported = are_secure_codecs_supported;
704 request->succeeded_cb = succeeded_cb;
705 request->not_supported_cb = not_supported_cb;
706 SelectConfigInternal(request.Pass());
709 void KeySystemConfigSelector::SelectConfigInternal(
710 scoped_ptr<SelectionRequest> request) {
711 // Continued from requestMediaKeySystemAccess(), step 7.1, from
712 // https://w3c.github.io/encrypted-media/#requestmediakeysystemaccess
714 // 7.2. Let implementation be the implementation of keySystem.
715 // (|key_systems_| fills this role.)
716 // 7.3. For each value in supportedConfigurations:
717 for (size_t i = 0; i < request->candidate_configurations.size(); i++) {
718 // 7.3.1. Let candidate configuration be the value.
719 // 7.3.2. Let supported configuration be the result of executing the Get
720 // Supported Configuration algorithm on implementation, candidate
721 // configuration, and origin.
722 // 7.3.3. If supported configuration is not null, [initialize and return a
723 // new MediaKeySystemAccess object.]
724 ConfigState config_state(request->was_permission_requested,
725 request->is_permission_granted);
726 DCHECK(config_state.IsRuleSupported(
727 EmeConfigRule::HW_SECURE_CODECS_NOT_ALLOWED));
728 if (!request->are_secure_codecs_supported)
729 config_state.AddRule(EmeConfigRule::HW_SECURE_CODECS_NOT_ALLOWED);
730 blink::WebMediaKeySystemConfiguration accumulated_configuration;
731 CdmConfig cdm_config;
732 ConfigurationSupport support = GetSupportedConfiguration(
733 request->key_system, request->candidate_configurations[i],
734 &config_state, &accumulated_configuration);
735 switch (support) {
736 case CONFIGURATION_NOT_SUPPORTED:
737 continue;
738 case CONFIGURATION_REQUIRES_PERMISSION:
739 if (request->was_permission_requested) {
740 DVLOG(2) << "Rejecting requested configuration because "
741 << "permission was denied.";
742 continue;
745 // Note: the GURL must not be constructed inline because
746 // base::Passed(&request) sets |request| to null.
747 GURL security_origin(request->security_origin.toString());
748 media_permission_->RequestPermission(
749 MediaPermission::PROTECTED_MEDIA_IDENTIFIER, security_origin,
750 base::Bind(&KeySystemConfigSelector::OnPermissionResult,
751 weak_factory_.GetWeakPtr(), base::Passed(&request)));
753 return;
754 case CONFIGURATION_SUPPORTED:
755 cdm_config.allow_distinctive_identifier =
756 (accumulated_configuration.distinctiveIdentifier ==
757 blink::WebMediaKeySystemConfiguration::Requirement::Required);
758 cdm_config.allow_persistent_state =
759 (accumulated_configuration.persistentState ==
760 blink::WebMediaKeySystemConfiguration::Requirement::Required);
761 cdm_config.use_hw_secure_codecs =
762 config_state.AreHwSecureCodecsRequired();
763 request->succeeded_cb.Run(accumulated_configuration, cdm_config);
764 return;
768 // 7.4. Reject promise with a new DOMException whose name is
769 // NotSupportedError.
770 request->not_supported_cb.Run(
771 "None of the requested configurations were supported.");
774 void KeySystemConfigSelector::OnPermissionResult(
775 scoped_ptr<SelectionRequest> request,
776 bool is_permission_granted) {
777 request->was_permission_requested = true;
778 request->is_permission_granted = is_permission_granted;
779 SelectConfigInternal(request.Pass());
782 } // namespace media