components/autofill/content/browser/wallet/wallet_service_url.cc

   1 // Copyright 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "components/autofill/content/browser/wallet/wallet_service_url.h"
   6
   7 #include <string>
   8
   9 #include "base/command_line.h"
  10 #include "base/format_macros.h"
  11 #include "base/metrics/field_trial.h"
  12 #include "base/strings/string_number_conversions.h"
  13 #include "base/strings/string_util.h"
  14 #include "base/strings/stringprintf.h"
  15 #include "base/strings/utf_string_conversions.h"
  16 #include "components/autofill/core/common/autofill_switches.h"
  17 #include "content/public/common/content_switches.h"
  18 #include "content/public/common/url_constants.h"
  19 #include "google_apis/gaia/gaia_urls.h"
  20 #include "net/base/url_util.h"
  21 #include "url/gurl.h"
  22
  23 namespace autofill {
  24 namespace {
  25
  26 const char kProdWalletServiceUrl[] = "https://wallet.google.com/";
  27
  28 const char kSandboxWalletServiceUrl[] =
  29     "https://wallet-web.sandbox.google.com/";
  30
  31 const char kSandboxWalletSecureServiceUrl[] =
  32     "https://wallet-web.sandbox.google.com/";
  33
  34 bool IsWalletProductionEnabled() {
  35   // If the command line flag exists, it takes precedence.
  36   const CommandLine* command_line = CommandLine::ForCurrentProcess();
  37   std::string sandbox_enabled(
  38       command_line->GetSwitchValueASCII(switches::kWalletServiceUseSandbox));
  39   if (!sandbox_enabled.empty())
  40     return sandbox_enabled != "1";
  41
  42   // Default to sandbox when --reduce-security-for-testing is passed to allow
  43   // rAc on http:// pages.
  44   if (command_line->HasSwitch(::switches::kReduceSecurityForTesting))
  45     return false;
  46
  47 #if defined(ENABLE_PROD_WALLET_SERVICE)
  48   return true;
  49 #else
  50   return false;
  51 #endif
  52 }
  53
  54 GURL GetWalletHostUrl() {
  55   const CommandLine& command_line = *CommandLine::ForCurrentProcess();
  56   std::string wallet_service_hostname =
  57       command_line.GetSwitchValueASCII(switches::kWalletServiceUrl);
  58   if (!wallet_service_hostname.empty())
  59     return GURL(wallet_service_hostname);
  60   if (IsWalletProductionEnabled())
  61     return GURL(kProdWalletServiceUrl);
  62   return GURL(kSandboxWalletServiceUrl);
  63 }
  64
  65 GURL GetBaseWalletUrl(size_t user_index) {
  66   std::string path = base::StringPrintf("online/v2/u/%" PRIuS "/", user_index);
  67   return GetWalletHostUrl().Resolve(path);
  68 }
  69
  70 GURL GetBaseAutocheckoutUrl(size_t user_index) {
  71   return GetBaseWalletUrl(user_index).Resolve("wallet/autocheckout/v1/");
  72 }
  73
  74 GURL GetBaseSecureUrl() {
  75   const CommandLine& command_line = *CommandLine::ForCurrentProcess();
  76   std::string wallet_secure_url =
  77       command_line.GetSwitchValueASCII(switches::kWalletSecureServiceUrl);
  78   if (!wallet_secure_url.empty())
  79     return GURL(wallet_secure_url);
  80   if (IsWalletProductionEnabled())
  81     return GURL(kProdWalletServiceUrl);
  82   return GURL(kSandboxWalletSecureServiceUrl);
  83 }
  84
  85 GURL GetBaseEncryptedFrontendUrl(size_t user_index) {
  86   const CommandLine& command_line = *CommandLine::ForCurrentProcess();
  87   GURL base_url = IsWalletProductionEnabled() ||
  88       command_line.HasSwitch(switches::kWalletServiceUrl) ?
  89           GetWalletHostUrl() : GetBaseSecureUrl();
  90   std::string path =
  91       base::StringPrintf("online-secure/v2/u/%" PRIuS "/autocheckout/v1/",
  92                          user_index);
  93   return base_url.Resolve(path);
  94 }
  95
  96 }  // namespace
  97
  98 namespace wallet {
  99
 100 GURL GetGetWalletItemsUrl(size_t user_index) {
 101   return GetBaseAutocheckoutUrl(user_index).Resolve("getWalletItemsJwtless");
 102 }
 103
 104 GURL GetGetFullWalletUrl(size_t user_index) {
 105   return GetBaseEncryptedFrontendUrl(user_index)
 106       .Resolve("getFullWalletJwtless?s7e=otp");
 107 }
 108
 109 GURL GetManageInstrumentsUrl(size_t user_index) {
 110   std::string path =
 111       base::StringPrintf("manage/w/%" PRIuS "/paymentMethods", user_index);
 112   return GetBaseSecureUrl().Resolve(path);
 113 }
 114
 115 GURL GetManageAddressesUrl(size_t user_index) {
 116   std::string path =
 117       base::StringPrintf("manage/w/%" PRIuS "/settings/addresses", user_index);
 118   return GetBaseSecureUrl().Resolve(path);
 119 }
 120
 121 GURL GetAcceptLegalDocumentsUrl(size_t user_index) {
 122   return GetBaseAutocheckoutUrl(user_index).Resolve("acceptLegalDocument");
 123 }
 124
 125 GURL GetAuthenticateInstrumentUrl(size_t user_index) {
 126   return GetBaseEncryptedFrontendUrl(user_index)
 127       .Resolve("authenticateInstrument?s7e=cvn");
 128 }
 129
 130 GURL GetSaveToWalletNoEscrowUrl(size_t user_index) {
 131   return GetBaseAutocheckoutUrl(user_index).Resolve("saveToWallet");
 132 }
 133
 134 GURL GetSaveToWalletUrl(size_t user_index) {
 135   return GetBaseEncryptedFrontendUrl(user_index)
 136       .Resolve("saveToWallet?s7e=card_number%3Bcvn");
 137 }
 138
 139 GURL GetPassiveAuthUrl(size_t user_index) {
 140   return GetBaseWalletUrl(user_index)
 141       .Resolve("passiveauth?isChromePayments=true");
 142 }
 143
 144 GURL GetAddAccountUrl() {
 145   GURL url(GaiaUrls::GetInstance()->add_account_url());
 146   url = net::AppendQueryParameter(url, "nui", "1");
 147   // Prevents promos from showing (see http://crbug.com/235227).
 148   url = net::AppendQueryParameter(url, "sarp", "1");
 149   url = net::AppendQueryParameter(url,
 150                                   "continue",
 151                                   GetSignInContinueUrl().spec());
 152   return url;
 153 }
 154
 155 GURL GetSignInUrl(size_t user_index) {
 156   GURL url(GaiaUrls::GetInstance()->service_login_url());
 157   url = net::AppendQueryParameter(
 158       url, "authuser", base::SizeTToString(user_index));
 159   // Prevents promos from showing (see http://crbug.com/235227).
 160   url = net::AppendQueryParameter(url, "sarp", "1");
 161   url =
 162       net::AppendQueryParameter(url, "continue", GetSignInContinueUrl().spec());
 163   return url;
 164 }
 165
 166 // The continue url portion of the sign-in URL. This URL is used as a milestone
 167 // to determine that the sign-in process is finished. It has to be a Google
 168 // domain, use https://, and do almost nothing, but otherwise it's not too
 169 // important what the URL actually is: it's not important that this URL has the
 170 // ability to generate a gdToken.
 171 GURL GetSignInContinueUrl() {
 172   return GetPassiveAuthUrl(0);
 173 }
 174
 175 bool IsSignInContinueUrl(const GURL& url, size_t* user_index) {
 176   GURL final_url = GetSignInContinueUrl();
 177   if (url.scheme() != final_url.scheme() ||
 178       url.host() != final_url.host() ||
 179       url.path() != final_url.path()) {
 180     return false;
 181   }
 182
 183   *user_index = 0;
 184   std::string query_str = url.query();
 185   url::Component query(0, query_str.length());
 186   url::Component key, value;
 187   const char kUserIndexKey[] = "authuser";
 188   while (url::ExtractQueryKeyValue(query_str.c_str(), &query, &key, &value)) {
 189     if (key.is_nonempty() &&
 190         query_str.substr(key.begin, key.len) == kUserIndexKey) {
 191       base::StringToSizeT(query_str.substr(value.begin, value.len), user_index);
 192       break;
 193     }
 194   }
 195
 196   return true;
 197 }
 198
 199 bool IsSignInRelatedUrl(const GURL& url) {
 200   size_t unused;
 201   return url.GetOrigin() == GetAddAccountUrl().GetOrigin() ||
 202          StartsWith(base::UTF8ToUTF16(url.GetOrigin().host()),
 203                     base::ASCIIToUTF16("accounts."),
 204                     false) ||
 205          IsSignInContinueUrl(url, &unused);
 206 }
 207
 208 bool IsUsingProd() {
 209   return GetWalletHostUrl() == GURL(kProdWalletServiceUrl);
 210 }
 211
 212 }  // namespace wallet
 213 }  // namespace autofill