content/browser/ssl/ssl_client_auth_handler.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CONTENT_BROWSER_SSL_SSL_CLIENT_AUTH_HANDLER_H_
   6 #define CONTENT_BROWSER_SSL_SSL_CLIENT_AUTH_HANDLER_H_
   7
   8 #include "base/basictypes.h"
   9 #include "base/callback.h"
  10 #include "base/macros.h"
  11 #include "base/memory/ref_counted.h"
  12 #include "base/memory/weak_ptr.h"
  13 #include "content/common/content_export.h"
  14 #include "content/public/browser/browser_thread.h"
  15 #include "net/ssl/ssl_cert_request_info.h"
  16
  17 namespace net {
  18 class ClientCertStore;
  19 class URLRequest;
  20 class X509Certificate;
  21 }  // namespace net
  22
  23 namespace content {
  24
  25 // This class handles the approval and selection of a certificate for SSL client
  26 // authentication by the user. Should only be used on the IO thread. If the
  27 // SSLClientAuthHandler is destroyed before the certificate is selected, the
  28 // selection is canceled and the delegate never called.
  29 class SSLClientAuthHandler {
  30  public:
  31   // Delegate interface for SSLClientAuthHandler. Method implementations may
  32   // delete the handler when called.
  33   class CONTENT_EXPORT Delegate {
  34    public:
  35     Delegate() {}
  36
  37     // Called to continue the request with |cert|. |cert| may be nullptr.
  38     virtual void ContinueWithCertificate(net::X509Certificate* cert) = 0;
  39
  40     // Called to cancel the certificate selection and abort the request.
  41     virtual void CancelCertificateSelection() = 0;
  42
  43    protected:
  44     virtual ~Delegate() {}
  45
  46    private:
  47     DISALLOW_COPY_AND_ASSIGN(Delegate);
  48   };
  49
  50   // Creates a new SSLClientAuthHandler. The caller ensures that the handler
  51   // does not outlive |request| or |delegate|.
  52   SSLClientAuthHandler(scoped_ptr<net::ClientCertStore> client_cert_store,
  53                        net::URLRequest* request,
  54                        net::SSLCertRequestInfo* cert_request_info,
  55                        Delegate* delegate);
  56   ~SSLClientAuthHandler();
  57
  58   // Selects a certificate and resumes the URL request with that certificate.
  59   void SelectCertificate();
  60
  61   // Called to continue the request associated with |handler| using |cert|. This
  62   // is static to avoid deleting |handler| while it is on the stack.
  63   static void ContinueWithCertificate(
  64       const base::WeakPtr<SSLClientAuthHandler>& handler,
  65       net::X509Certificate* cert);
  66
  67   // Called to abort the request associated with |handler|. This is static to
  68   // avoid deleting |handler| while it is on the stack.
  69   static void CancelCertificateSelection(
  70       const base::WeakPtr<SSLClientAuthHandler>& handler);
  71
  72  private:
  73   class Core;
  74
  75   // Called when |core_| is done retrieving the cert list.
  76   void DidGetClientCerts();
  77
  78   // A reference-counted core so the ClientCertStore may outlive
  79   // SSLClientAuthHandler if the handler is destroyed while an operation on the
  80   // ClientCertStore is in progress.
  81   scoped_refptr<Core> core_;
  82
  83   // The net::URLRequest that triggered this client auth.
  84   net::URLRequest* request_;
  85
  86   // The certs to choose from.
  87   scoped_refptr<net::SSLCertRequestInfo> cert_request_info_;
  88
  89   // The delegate to call back with the result.
  90   Delegate* delegate_;
  91
  92   base::WeakPtrFactory<SSLClientAuthHandler> weak_factory_;
  93
  94   DISALLOW_COPY_AND_ASSIGN(SSLClientAuthHandler);
  95 };
  96
  97 }  // namespace content
  98
  99 #endif  // CONTENT_BROWSER_SSL_SSL_CLIENT_AUTH_HANDLER_H_