| // Copyright 2016 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #ifndef ANDROID_WEBVIEW_BROWSER_NET_TOKEN_BINDING_MANAGER_H_ |
| #define ANDROID_WEBVIEW_BROWSER_NET_TOKEN_BINDING_MANAGER_H_ |
| |
| #include "base/callback.h" |
| #include "base/lazy_instance.h" |
| #include "crypto/ec_private_key.h" |
| |
| namespace android_webview { |
| |
| /** |
| * Manages the token binding protocol. Token binding can be enabled/disabled |
| * for each browser context, however all webviews share the same browser |
| * context. Webview does not expose the browser context to the embedder app. |
| * This complicates enabling the protocol since it has to be done very early, |
| * while creating the url request context. |
| * |
| * As a solution TokenBindingManager is set as a singleton (just like its very |
| * similar friend cookiemanager). In future, if webview provides multiple |
| * browser contexts, we may move the ownership to AwBrowserContext after |
| * deciding how to expose the relationship between "context" and the "context |
| * specific settings" such as this. |
| */ |
| class TokenBindingManager { |
| public: |
| static TokenBindingManager* GetInstance(); |
| |
| // Should be called before creating the URLRequestContext (starting |
| // chromium). Otherwise it has no effect. |
| void enable_token_binding() { enabled_ = true; } |
| bool is_enabled() { return enabled_; } |
| |
| // The callback to indicate the status for fetching the key. The first |
| // parameter is one of a network error code (see the underlying protocol |
| // implementation for more), and the second parameter is the key. The |
| // key is owned by the callback and be destroyed at the end of the call. |
| using KeyReadyCallback = base::Callback<void(int, crypto::ECPrivateKey* key)>; |
| using DeletionCompleteCallback = base::Callback<void(void)>; |
| |
| // Retrieve (or create if not exist) the key for the given host. The callback |
| // is called asynchonously to indicate the status for the key creation and |
| // to provide the key. |
| // This method simply pushes the work to the right thread so see the |
| // underlying implementation for more details. |
| void GetKey(const std::string& host, KeyReadyCallback callback); |
| |
| // Deletes the key for the given host. This method simply pushes the work |
| // to the right thread so see the underlying implementation for more details. |
| void DeleteKey(const std::string& host, DeletionCompleteCallback callback); |
| |
| // Deletes all the keys. This method simply pushes the work |
| // to the right thread so see the underlying implementation for more details. |
| void DeleteAllKeys(DeletionCompleteCallback callback); |
| |
| private: |
| friend struct base::DefaultLazyInstanceTraits<TokenBindingManager>; |
| |
| TokenBindingManager(); |
| ~TokenBindingManager() {} |
| |
| bool enabled_; |
| }; |
| |
| } // namespace android_webview |
| |
| #endif // ANDROID_WEBVIEW_BROWSER_NET_TOKEN_BINDING_MANAGER_H_ |