      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CONTENT_BROWSER_SSL_SSL_CLIENT_AUTH_HANDLER_H_
      6 #define CONTENT_BROWSER_SSL_SSL_CLIENT_AUTH_HANDLER_H_
      7 
      8 #include "base/basictypes.h"
      9 #include "base/memory/ref_counted.h"
     10 #include "base/sequenced_task_runner_helpers.h"
     11 #include "content/common/content_export.h"
     12 #include "content/public/browser/browser_thread.h"
     13 #include "net/ssl/ssl_cert_request_info.h"
     14 
     15 namespace net {
        // Forward declarations: this header refers to these types only through raw
        // pointers and scoped_ptr, so their full definitions are not pulled in here.
     16 class ClientCertStore;
     17 class HttpNetworkSession;
     18 class URLRequest;
     19 class X509Certificate;
     20 }  // namespace net
     21 
     22 namespace content {
     23 
        // NOTE(review): no declaration visible in this header refers to
        // ResourceContext; check whether this forward declaration is still needed.
     24 class ResourceContext;
     25 
     26 // This class handles the approval and selection of a certificate for SSL client
     27 // authentication by the user.
     28 // It is self-owned and deletes itself when the UI reports the user selection or
     29 // when the net::URLRequest is cancelled.
        //
        // Lifetime: the type is ref-counted (base::RefCountedThreadSafe) with the
        // BrowserThread::DeleteOnIOThread trait, so "self-owned" presumably means the
        // object is kept alive by references held in pending work and is destroyed
        // on the IO thread once the last reference is dropped -- confirm in the .cc.
        //
        // Threading: the work is split between the IO thread (request handling) and
        // the UI thread (certificate chooser), as noted on each method below.
        // NOTE(review): |request_| and |http_network_session_| are raw, non-owning
        // pointers, and the user's answer can arrive long after the prompt was shown.
        // Nothing in this header guarantees either pointer is still valid at that
        // point; verify that the implementation stops using them once
        // OnRequestCancelled() has run.
     30 class CONTENT_EXPORT SSLClientAuthHandler
     31     : public base::RefCountedThreadSafe<
     32           SSLClientAuthHandler, BrowserThread::DeleteOnIOThread> {
     33  public:
          // |client_cert_store| is passed as a scoped_ptr, so ownership of the store
          // moves to the handler. |request| and |cert_request_info| are raw pointers;
          // the handler keeps a scoped_refptr member for the latter and a raw pointer
          // member for the former.
          // NOTE(review): |request| must either outlive the handler or be reported
          // through OnRequestCancelled() -- confirm against the callers.
     34   SSLClientAuthHandler(scoped_ptr<net::ClientCertStore> client_cert_store,
     35                        net::URLRequest* request,
     36                        net::SSLCertRequestInfo* cert_request_info);
     37 
     38   // Selects a certificate and resumes the URL request with that certificate.
     39   // Should only be called on the IO thread.
     40   void SelectCertificate();
     41 
     42   // Invoked when the request associated with this handler is cancelled.
     43   // Should only be called on the IO thread.
          // NOTE(review): presumably this is the point after which |request_| must no
          // longer be dereferenced, so a late CertificateSelected() from the UI has to
          // be harmless for the cancelled request -- verify in the .cc.
     44   void OnRequestCancelled();
     45 
     46   // Calls DoCertificateSelected on the I/O thread.
     47   // Called on the UI thread after the user has made a selection (which may
     48   // be long after DoSelectCertificate returns, if the UI is modeless/async.)
          // |cert| is a raw pointer that is handed from the UI thread to the IO thread.
          // NOTE(review): confirm that the implementation holds a reference to |cert|
          // for the duration of the thread hop, and what a null |cert| means; neither
          // is stated in this header.
     49   void CertificateSelected(net::X509Certificate* cert);
     50 
     51  protected:
          // Not public, so callers cannot delete a handler directly; the friends
          // declared below are the ref-counting and deletion helpers that need access.
     52   virtual ~SSLClientAuthHandler();
     53 
     54  private:
          // Friends that need the protected destructor: the ref-counted base with the
          // DeleteOnIOThread trait, BrowserThread, and base::DeleteHelper.
     55   friend class base::RefCountedThreadSafe<
     56       SSLClientAuthHandler, BrowserThread::DeleteOnIOThread>;
     57   friend class BrowserThread;
     58   friend class base::DeleteHelper<SSLClientAuthHandler>;
     59 
     60   // Called when ClientCertStore is done retrieving the cert list.
     61   void DidGetClientCerts();
     62 
     63   // Notifies that the user has selected a cert.
     64   // Called on the IO thread.
          // NOTE(review): the request may have been cancelled while the prompt was
          // open; check that the .cc tests for that before touching |request_|.
     65   void DoCertificateSelected(net::X509Certificate* cert);
     66 
     67   // Selects a client certificate on the UI thread.
          // The target frame is named by integer IDs rather than by pointer.
          // NOTE(review): presumably the UI thread looks the frame up again from
          // these IDs and tolerates it having gone away -- confirm.
     68   void DoSelectCertificate(int render_process_host_id,
     69                            int render_frame_host_id);
     70 
     71   // The net::URLRequest that triggered this client auth.
          // Raw pointer, not owned by this handler.
     72   net::URLRequest* request_;
     73 
     74   // The HttpNetworkSession |request_| is associated with.
          // Raw pointer to const, not owned by this handler.
     75   const net::HttpNetworkSession* http_network_session_;
     76 
     77   // The certs to choose from.
          // Held through a scoped_refptr, so the handler keeps its own reference.
     78   scoped_refptr<net::SSLCertRequestInfo> cert_request_info_;
     79 
          // Certificate store owned by this handler (scoped_ptr). DidGetClientCerts()
          // above is the completion callback for its cert-list retrieval.
     80   scoped_ptr<net::ClientCertStore> client_cert_store_;
     81 
          // Copying is disallowed for this type.
     82   DISALLOW_COPY_AND_ASSIGN(SSLClientAuthHandler);
     83 };
     84 
     85 }  // namespace content
     86 
     87 #endif  // CONTENT_BROWSER_SSL_SSL_CLIENT_AUTH_HANDLER_H_
     88