| // Copyright 2019 The Chromium Authors |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "chrome/browser/ash/cryptauth/client_app_metadata_provider_service.h" |
| |
| #include <string> |
| |
| #include "ash/constants/ash_features.h" |
| #include "ash/constants/ash_pref_names.h" |
| #include "base/feature_list.h" |
| #include "base/functional/callback.h" |
| #include "base/linux_util.h" |
| #include "base/logging.h" |
| #include "base/metrics/histogram_functions.h" |
| #include "base/metrics/histogram_macros.h" |
| #include "base/no_destructor.h" |
| #include "base/strings/string_util.h" |
| #include "base/time/time.h" |
| #include "base/version.h" |
| #include "chrome/browser/ash/cryptauth/cryptauth_device_id_provider_impl.h" |
| #include "chrome/browser/chrome_content_browser_client.h" |
| #include "chrome/common/pref_names.h" |
| #include "chromeos/ash/components/multidevice/logging/logging.h" |
| #include "chromeos/ash/components/network/network_state_handler.h" |
| #include "chromeos/ash/components/network/network_type_pattern.h" |
| #include "chromeos/ash/services/device_sync/proto/cryptauth_better_together_feature_metadata.pb.h" |
| #include "chromeos/ash/services/device_sync/public/cpp/gcm_constants.h" |
| #include "components/gcm_driver/instance_id/instance_id_driver.h" |
| #include "components/gcm_driver/instance_id/instance_id_profile_service.h" |
| #include "components/prefs/pref_registry_simple.h" |
| #include "components/prefs/pref_service.h" |
| #include "components/version_info/version_info.h" |
| #include "device/bluetooth/bluetooth_adapter.h" |
| #include "device/bluetooth/bluetooth_adapter_factory.h" |
| |
| namespace ash { |
| |
| namespace { |
| |
| const char kInstanceIdScope[] = "GCM"; |
| const char kDefaultModelName[] = "Chromebook"; |
| |
| const cryptauthv2::FeatureMetadata& GenerateFeatureMetadata() { |
| static const base::NoDestructor<cryptauthv2::FeatureMetadata> |
| feature_metadata([] { |
| cryptauthv2::BetterTogetherFeatureMetadata inner_metadata; |
| |
| // Smart Lock and MultiDevice Setup are supported on all Chromebooks. |
| inner_metadata.add_supported_features( |
| cryptauthv2:: |
| BetterTogetherFeatureMetadata_FeatureName_EASY_UNLOCK_CLIENT); |
| inner_metadata.add_supported_features( |
| cryptauthv2:: |
| BetterTogetherFeatureMetadata_FeatureName_BETTER_TOGETHER_CLIENT); |
| |
| // Instant Tethering is only supported if the associated flag enabled. |
| if (base::FeatureList::IsEnabled(features::kInstantTethering)) { |
| inner_metadata.add_supported_features( |
| cryptauthv2:: |
| BetterTogetherFeatureMetadata_FeatureName_MAGIC_TETHER_CLIENT); |
| } |
| |
| // Phone Hub is only supported if the associated flag is enabled. |
| if (features::IsPhoneHubEnabled()) { |
| inner_metadata.add_supported_features( |
| cryptauthv2:: |
| BetterTogetherFeatureMetadata_FeatureName_PHONE_HUB_CLIENT); |
| } |
| |
| // Wifi Sync Android is only supported if the associated flag is |
| // enabled. |
| if (features::IsWifiSyncAndroidEnabled()) { |
| inner_metadata.add_supported_features( |
| cryptauthv2:: |
| BetterTogetherFeatureMetadata_FeatureName_WIFI_SYNC_CLIENT); |
| } |
| |
| // Eche is only supported if the associated flag is enabled. |
| if (features::IsEcheSWAEnabled()) { |
| inner_metadata.add_supported_features( |
| cryptauthv2:: |
| BetterTogetherFeatureMetadata_FeatureName_ECHE_CLIENT); |
| } |
| |
| // Camera Roll is only supported if the associated flag is enabled. |
| if (features::IsPhoneHubCameraRollEnabled()) { |
| inner_metadata.add_supported_features( |
| cryptauthv2:: |
| BetterTogetherFeatureMetadata_FeatureName_PHONE_HUB_CAMERA_ROLL_CLIENT); |
| } |
| |
| // Note: |inner_metadata|'s enabled_features field is deprecated and |
| // left unset here (the server ignores this value when processing the |
| // received proto). |
| |
| cryptauthv2::FeatureMetadata feature_metadata; |
| feature_metadata.set_feature_type( |
| cryptauthv2::FeatureMetadata_Feature_BETTER_TOGETHER); |
| feature_metadata.set_metadata(inner_metadata.SerializeAsString()); |
| |
| return feature_metadata; |
| }()); |
| |
| return *feature_metadata; |
| } |
| |
| cryptauthv2::ApplicationSpecificMetadata GenerateApplicationSpecificMetadata( |
| const std::string& gcm_registration_id, |
| int64_t software_version_code) { |
| cryptauthv2::ApplicationSpecificMetadata metadata; |
| metadata.set_gcm_registration_id(gcm_registration_id); |
| // Chrome OS system notifications are always enabled. |
| metadata.set_notification_enabled(true); |
| metadata.set_device_software_version(base::GetLinuxDistro()); |
| metadata.set_device_software_version_code(software_version_code); |
| metadata.set_device_software_package(device_sync::kCryptAuthGcmAppId); |
| return metadata; |
| } |
| |
| void LogInstanceIdTokenFetchRetries(int count) { |
| base::UmaHistogramExactLinear( |
| "CryptAuth.ClientAppMetadataInstanceIdTokenFetch.Retries", count, 2); |
| } |
| |
| } // namespace |
| |
| // static |
| void ClientAppMetadataProviderService::RegisterProfilePrefs( |
| PrefRegistrySimple* registry) { |
| registry->RegisterStringPref(::prefs::kCryptAuthInstanceId, std::string()); |
| registry->RegisterStringPref(::prefs::kCryptAuthInstanceIdToken, |
| std::string()); |
| } |
| |
| // static |
| int64_t ClientAppMetadataProviderService::ConvertVersionCodeToInt64( |
| const std::string& version_code_str) { |
| static const size_t kNumDigitsInLastSection = 3; |
| std::string version_code_copy = version_code_str; |
| |
| size_t last_period_index = version_code_copy.rfind('.'); |
| if (last_period_index != std::string::npos) { |
| // If there are fewer than |kNumDigitsInLastSection| digits in the last |
| // section, add extra '0' characters. |
| size_t num_digits_to_add = kNumDigitsInLastSection + last_period_index - |
| (version_code_copy.size() - 1u); |
| version_code_copy.insert(last_period_index + 1u /* pos */, |
| std::string(num_digits_to_add, '0') /* str */); |
| } |
| |
| int64_t code = 0; |
| for (auto it = version_code_copy.cbegin(); it != version_code_copy.cend(); |
| ++it) { |
| if (*it < '0' || *it > '9') |
| continue; |
| code = code * 10 + (*it - '0'); |
| } |
| |
| return code; |
| } |
| |
| ClientAppMetadataProviderService::ClientAppMetadataProviderService( |
| PrefService* pref_service, |
| NetworkStateHandler* network_state_handler, |
| instance_id::InstanceIDProfileService* instance_id_profile_service) |
| : pref_service_(pref_service), |
| network_state_handler_(network_state_handler), |
| instance_id_profile_service_(instance_id_profile_service) {} |
| |
| ClientAppMetadataProviderService::~ClientAppMetadataProviderService() { |
| // If there are any pending callbacks, invoke them before this object is |
| // deleted. |
| InvokePendingCallbacks(); |
| } |
| |
| void ClientAppMetadataProviderService::GetClientAppMetadata( |
| const std::string& gcm_registration_id, |
| GetMetadataCallback callback) { |
| pending_callbacks_.push_back(std::move(callback)); |
| |
| // If the metadata has already been computed, provide it to the callback |
| // immediately. |
| if (client_app_metadata_) { |
| // If |gcm_registration_id| is different from a previously-supplied ID, |
| // replace the ID with this new one. |
| DCHECK_EQ(1, client_app_metadata_->application_specific_metadata_size()); |
| client_app_metadata_->mutable_application_specific_metadata(0 /* index */) |
| ->set_gcm_registration_id(gcm_registration_id); |
| |
| InvokePendingCallbacks(); |
| return; |
| } |
| |
| // If |instance_id_profile_service_| is null, Shutdown() has been called and |
| // there should be no further attempt to calculate the ClientAppMetadata, |
| // since this could result in touching deleted memory. |
| if (!instance_id_profile_service_) { |
| InvokePendingCallbacks(); |
| return; |
| } |
| |
| bool was_already_in_progress = pending_gcm_registration_id_.has_value(); |
| pending_gcm_registration_id_ = gcm_registration_id; |
| |
| // If metadata is currently being computed, update |
| // |pending_gcm_registration_id_| and wait for the ongoing attempt to complete |
| // before continuing. |
| if (was_already_in_progress) |
| return; |
| |
| device::BluetoothAdapterFactory::Get()->GetAdapter(base::BindOnce( |
| &ClientAppMetadataProviderService::OnBluetoothAdapterFetched, |
| weak_ptr_factory_.GetWeakPtr())); |
| } |
| |
| void ClientAppMetadataProviderService::Shutdown() { |
| // Null out |instance_id_profile_service_| to signify that it should no longer |
| // be used. |
| instance_id_profile_service_ = nullptr; |
| |
| // If the ClientAppMetadata is currently being computed and this class is |
| // waiting for an asynchronous operation to return, stop the computation now |
| // to ensure that deleted memory is not touched. |
| weak_ptr_factory_.InvalidateWeakPtrs(); |
| pending_gcm_registration_id_.reset(); |
| |
| InvokePendingCallbacks(); |
| } |
| |
| void ClientAppMetadataProviderService::OnBluetoothAdapterFetched( |
| scoped_refptr<device::BluetoothAdapter> bluetooth_adapter) { |
| base::SysInfo::GetHardwareInfo( |
| base::BindOnce(&ClientAppMetadataProviderService::OnHardwareInfoFetched, |
| weak_ptr_factory_.GetWeakPtr(), bluetooth_adapter)); |
| } |
| |
| void ClientAppMetadataProviderService::OnHardwareInfoFetched( |
| scoped_refptr<device::BluetoothAdapter> bluetooth_adapter, |
| base::SysInfo::HardwareInfo hardware_info) { |
| GetInstanceId()->GetID(base::BindOnce( |
| &ClientAppMetadataProviderService::OnInstanceIdFetched, |
| weak_ptr_factory_.GetWeakPtr(), bluetooth_adapter, hardware_info)); |
| } |
| |
| void ClientAppMetadataProviderService::OnInstanceIdFetched( |
| scoped_refptr<device::BluetoothAdapter> bluetooth_adapter, |
| const base::SysInfo::HardwareInfo& hardware_info, |
| const std::string& instance_id) { |
| DCHECK(!instance_id.empty()); |
| std::string previous_instance_id = |
| pref_service_->GetString(::prefs::kCryptAuthInstanceId); |
| if (!previous_instance_id.empty()) { |
| base::UmaHistogramBoolean("CryptAuth.InstanceId.DidInstanceIdChange", |
| previous_instance_id != instance_id); |
| } |
| pref_service_->SetString(::prefs::kCryptAuthInstanceId, instance_id); |
| |
| GetInstanceId()->GetToken( |
| device_sync:: |
| kCryptAuthV2EnrollmentAuthorizedEntity /* authorized_entity */, |
| kInstanceIdScope /* scope */, base::TimeDelta() /* time_to_live */, |
| {} /* flags */, |
| base::BindOnce( |
| &ClientAppMetadataProviderService::OnInstanceIdTokenFetched, |
| weak_ptr_factory_.GetWeakPtr(), bluetooth_adapter, hardware_info, |
| instance_id)); |
| } |
| |
| void ClientAppMetadataProviderService::OnInstanceIdTokenFetched( |
| scoped_refptr<device::BluetoothAdapter> bluetooth_adapter, |
| const base::SysInfo::HardwareInfo& hardware_info, |
| const std::string& instance_id, |
| const std::string& token, |
| instance_id::InstanceID::Result result) { |
| // If the |token| doesn't begin with the |instance_id|, we have to re-create |
| // the entire InstanceID and remove the old one from storage. |
| if (token.find(':') != std::string::npos && |
| !base::StartsWith(token, instance_id, |
| base::CompareCase::INSENSITIVE_ASCII)) { |
| GetInstanceId()->DeleteID(base::BindOnce( |
| &ClientAppMetadataProviderService::OnInstanceIdDeleted, |
| weak_ptr_factory_.GetWeakPtr(), bluetooth_adapter, hardware_info)); |
| return; |
| } |
| LogInstanceIdTokenFetchRetries(instance_id_recreated_ ? 1 : 0); |
| |
| std::string gcm_registration_id = *pending_gcm_registration_id_; |
| pending_gcm_registration_id_.reset(); |
| instance_id_recreated_ = false; |
| |
| UMA_HISTOGRAM_ENUMERATION( |
| "CryptAuth.ClientAppMetadataInstanceIdTokenFetch.Result", result); |
| |
| // If fetching the token failed, invoke the pending callbacks with a null |
| // ClientAppMetadata. |
| if (result != instance_id::InstanceID::Result::SUCCESS) { |
| PA_LOG(WARNING) << "ClientAppMetadataProviderService::" |
| << "OnInstanceIdTokenFetched(): Failed to fetch InstanceID " |
| << "token; result: " << result << "."; |
| InvokePendingCallbacks(); |
| return; |
| } |
| |
| DCHECK(!token.empty()); |
| std::string previous_instance_id_token = |
| pref_service_->GetString(::prefs::kCryptAuthInstanceIdToken); |
| if (!previous_instance_id_token.empty()) { |
| base::UmaHistogramBoolean("CryptAuth.InstanceId.DidInstanceIdTokenChange", |
| previous_instance_id_token != token); |
| } |
| pref_service_->SetString(::prefs::kCryptAuthInstanceIdToken, token); |
| |
| cryptauthv2::ClientAppMetadata metadata; |
| |
| metadata.add_application_specific_metadata()->CopyFrom( |
| GenerateApplicationSpecificMetadata(gcm_registration_id, |
| SoftwareVersionCodeAsInt64())); |
| metadata.set_instance_id(instance_id); |
| metadata.set_instance_id_token(token); |
| metadata.set_long_device_id( |
| CryptAuthDeviceIdProviderImpl::GetInstance()->GetDeviceId()); |
| |
| metadata.set_locale(ChromeContentBrowserClient().GetApplicationLocale()); |
| metadata.set_device_os_version(base::GetLinuxDistro()); |
| metadata.set_device_os_version_code(SoftwareVersionCodeAsInt64()); |
| metadata.set_device_os_release(std::string(version_info::GetVersionNumber())); |
| metadata.set_device_os_codename(std::string(version_info::GetProductName())); |
| |
| // device_display_diagonal_mils is unused because it only applies to |
| // phones/tablets. |
| metadata.set_device_display_diagonal_mils(0); |
| |
| base::UmaHistogramBoolean("CryptAuth.ClientAppMetadata.IsModelEmpty", |
| hardware_info.model.empty()); |
| metadata.set_device_model(hardware_info.model.empty() ? kDefaultModelName |
| : hardware_info.model); |
| base::UmaHistogramBoolean("CryptAuth.ClientAppMetadata.IsManufacturerEmpty", |
| hardware_info.manufacturer.empty()); |
| metadata.set_device_manufacturer(hardware_info.manufacturer); |
| metadata.set_device_type(cryptauthv2::ClientAppMetadata_DeviceType_CHROME); |
| |
| metadata.set_using_secure_screenlock( |
| pref_service_->GetBoolean(prefs::kEnableAutoScreenLock)); |
| // Auto-unlock here refers to concepts such as "trusted places" and "trusted |
| // peripherals." Chromebooks do support Smart Lock (i.e., unlocking via the |
| // user's phone), but these fields are unrelated. |
| metadata.set_auto_unlock_screenlock_supported(false); |
| metadata.set_auto_unlock_screenlock_enabled(false); |
| |
| metadata.set_bluetooth_radio_supported(bluetooth_adapter->IsPresent()); |
| metadata.set_bluetooth_radio_enabled(bluetooth_adapter->IsPowered()); |
| // Within Chrome, there is no way to determine if Bluetooth Classic vs. BLE is |
| // supported. Since BLE was released in ~2011, it is a safe assumption that |
| // devices still receiving Chrome OS updates do support BLE, so rely on |
| // BluetoothAdapter::IsPresent() for this field as well. |
| metadata.set_ble_radio_supported(bluetooth_adapter->IsPresent()); |
| |
| metadata.set_mobile_data_supported( |
| network_state_handler_->IsTechnologyAvailable( |
| NetworkTypePattern::Cellular())); |
| // The tethering_supported field does not refer to use of Instant Tethering; |
| // rather, this indicates that Chrome OS devices cannot create their own WiFi |
| // hotspots. |
| metadata.set_tethering_supported(false); |
| metadata.add_feature_metadata()->CopyFrom(GenerateFeatureMetadata()); |
| |
| // Note: |metadata|'s bluetooth_address field is not set since enrollment |
| // occurs before any opt-in which would alert the users that their Bluetooth |
| // addresses are being uploaded. |
| |
| // "Pixel experience" refers only to Android devices, so set this field to |
| // false even if this Chromebook is a Pixelbook, Pixel Slate, etc. |
| metadata.set_pixel_experience(false); |
| // |metadata| is being constructed in the browser process (i.e., outside of |
| // the ARC++ container). |
| metadata.set_arc_plus_plus(false); |
| metadata.set_hardware_user_presence_supported(false); |
| metadata.set_user_verification_supported(true); |
| metadata.set_trusted_execution_environment_supported(false); |
| metadata.set_dedicated_secure_element_supported(false); |
| |
| client_app_metadata_ = metadata; |
| InvokePendingCallbacks(); |
| } |
| |
| void ClientAppMetadataProviderService::OnInstanceIdDeleted( |
| scoped_refptr<device::BluetoothAdapter> bluetooth_adapter, |
| const base::SysInfo::HardwareInfo& hardware_info, |
| instance_id::InstanceID::Result result) { |
| instance_id_profile_service_->driver()->RemoveInstanceID( |
| device_sync::kCryptAuthGcmAppId); |
| |
| if (instance_id_recreated_) { |
| LogInstanceIdTokenFetchRetries(2); |
| PA_LOG(WARNING) << "ClientAppMetadataProviderService::" |
| << "OnInstanceIdDeleted(): Instance Id deleted twice in a " |
| << "row, aborting; result: " << result << "."; |
| pending_gcm_registration_id_.reset(); |
| instance_id_recreated_ = false; |
| InvokePendingCallbacks(); |
| return; |
| } |
| |
| instance_id_recreated_ = true; |
| OnHardwareInfoFetched(bluetooth_adapter, hardware_info); |
| } |
| |
| instance_id::InstanceID* ClientAppMetadataProviderService::GetInstanceId() { |
| DCHECK(instance_id_profile_service_); |
| DCHECK(instance_id_profile_service_->driver()); |
| return instance_id_profile_service_->driver()->GetInstanceID( |
| device_sync::kCryptAuthGcmAppId); |
| } |
| |
| int64_t ClientAppMetadataProviderService::SoftwareVersionCodeAsInt64() { |
| static const int64_t version_code = |
| ConvertVersionCodeToInt64(std::string(version_info::GetVersionNumber())); |
| return version_code; |
| } |
| |
| void ClientAppMetadataProviderService::InvokePendingCallbacks() { |
| auto it = pending_callbacks_.begin(); |
| while (it != pending_callbacks_.end()) { |
| std::move(*it).Run(client_app_metadata_); |
| it = pending_callbacks_.erase(it); |
| } |
| } |
| |
| } // namespace ash |
