electron/patches/chromium/add_trustedauthclient_to_urlloaderfactory.patch
2021-03-15 14:32:18 -04:00


From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: deepak1556 <hop2deep@gmail.com>
Date: Wed, 27 Jan 2021 15:20:01 -0800
Subject: add TrustedAuthClient to URLLoaderFactory
This allows intercepting authentication requests for the 'net' module.
Without this, the 'login' event for electron.net.ClientRequest can't be
implemented, because the existing path checks for the presence of a
WebContents, and cancels the authentication if there's no WebContents
available, which there isn't in the case of the 'net' module.
diff --git a/services/network/public/mojom/network_context.mojom b/services/network/public/mojom/network_context.mojom
index b35746e2850d7d724fcf3dc09ddbfea1ca56a746..491172c51c2d196573f2e835f7b81df30a33cf2f 100644
--- a/services/network/public/mojom/network_context.mojom
+++ b/services/network/public/mojom/network_context.mojom
@@ -192,6 +192,26 @@ struct CTPolicy {
array<string> excluded_legacy_spkis;
};
+interface TrustedAuthClient {
+ OnAuthRequired(
+ mojo_base.mojom.UnguessableToken? window_id,
+ uint32 process_id,
+ uint32 routing_id,
+ uint32 request_id,
+ url.mojom.Url url,
+ bool first_auth_attempt,
+ AuthChallengeInfo auth_info,
+ URLResponseHead? head,
+ pending_remote<AuthChallengeResponder> auth_challenge_responder);
+};
+
+interface TrustedURLLoaderAuthClient {
+ // When a new URLLoader is created, this will be called to pass a
+ // corresponding |auth_client|.
+ OnLoaderCreated(int32 request_id,
+ pending_receiver<TrustedAuthClient> auth_client);
+};
+
interface CertVerifierClient {
Verify(
int32 default_error,
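Review bot: `request_id` is declared `uint32` in `TrustedAuthClient.OnAuthRequired` but `int32` in `TrustedURLLoaderAuthClient.OnLoaderCreated`, and the url_loader.cc hunks pass the same `request_id_` member to both, so one of the two calls converts signedness implicitly. The receiver presumably matches a challenge to its loader by this id, so both methods should declare the same type. `TrustedAuthClient` also has no comment; I would add `// Implemented by a trusted process. Called when a request on the associated URLLoader receives an HTTP auth challenge; the reply on |auth_challenge_responder| supplies or withholds credentials.` above the interface. Whether `process_id` and `routing_id` can carry negative sentinel values is not visible here, so the `uint32` choice for them is worth checking too.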
@@ -606,6 +626,8 @@ struct URLLoaderFactoryParams {
// impact because of the extra process hops, so use should be minimized.
pending_remote<TrustedURLLoaderHeaderClient>? header_client;
+ pending_remote<TrustedURLLoaderAuthClient>? auth_client;
+
// Information used restrict access to identity information (like SameSite
// cookies) and to shard network resources, like the cache. If set, takes
// precedence over ResourceRequest::TrustedParams::IsolationInfo field
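Review bot: The new `auth_client` field has no comment, unlike `header_client` directly above it. Whoever fills this field answers every HTTP auth challenge for loaders created by the factory (see the `OnAuthRequired` hunk in url_loader.cc), so the field should state who may set it, e.g. `// If set, HTTP auth challenges for requests made through this factory go to this client instead of the URLLoaderNetworkServiceObserver. Must only be set by a trusted process.` The struct continues outside the hunk, so whether nearby fields already carry a similar trust note cannot be checked from here.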
diff --git a/services/network/url_loader.cc b/services/network/url_loader.cc
index 136c4ec48412354cbc3d77880dd34ec836694004..f484bb54c59866d13e532cd81ed28ad9f982549a 100644
--- a/services/network/url_loader.cc
+++ b/services/network/url_loader.cc
@@ -465,6 +465,7 @@ URLLoader::URLLoader(
scoped_refptr<ResourceSchedulerClient> resource_scheduler_client,
base::WeakPtr<KeepaliveStatisticsRecorder> keepalive_statistics_recorder,
mojom::TrustedURLLoaderHeaderClient* url_loader_header_client,
+ mojom::TrustedURLLoaderAuthClient* url_loader_auth_client,
mojom::OriginPolicyManager* origin_policy_manager,
std::unique_ptr<TrustTokenRequestHelperFactory> trust_token_helper_factory,
const cors::OriginAccessList& origin_access_list,
@@ -533,6 +534,11 @@ URLLoader::URLLoader(
header_client_.set_disconnect_handler(
base::BindOnce(&URLLoader::OnMojoDisconnect, base::Unretained(this)));
}
+ if (url_loader_auth_client) {
+ url_loader_auth_client->OnLoaderCreated(request_id_, auth_client_.BindNewPipeAndPassReceiver());
+ auth_client_.set_disconnect_handler(
+ base::BindOnce(&URLLoader::OnMojoDisconnect, base::Unretained(this)));
+ }
if (want_raw_headers_) {
options_ |= mojom::kURLLoadOptionSendSSLInfoWithResponse |
mojom::kURLLoadOptionSendSSLInfoForCertificateError;
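Review bot: The auth pipe's disconnect handler is `URLLoader::OnMojoDisconnect`, the same one `header_client_` uses, so a loader whose auth client goes away is presumably torn down even if the request never hits an auth challenge. The body of `OnMojoDisconnect` is outside this hunk, so confirm that aborting the load is intended rather than only cancelling authentication. A short comment would record the lifetime assumption: `// |auth_client_| is owned by |this|, so Unretained is safe; losing the client aborts the load.` The `OnLoaderCreated(...)` line also runs past 80 columns and should be wrapped like the surrounding calls. The constructor starts and ends outside the hunk.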
@@ -1198,7 +1204,7 @@ void URLLoader::OnAuthRequired(net::URLRequest* url_request,
return;
}
auto* url_loader_network_observer = GetURLLoaderNetworkServiceObserver();
- if (!url_loader_network_observer) {
+ if (!url_loader_network_observer && !auth_client_) {
OnAuthCredentials(base::nullopt);
return;
}
@@ -1210,10 +1216,22 @@ void URLLoader::OnAuthRequired(net::URLRequest* url_request,
DCHECK(!auth_challenge_responder_receiver_.is_bound());
- url_loader_network_observer->OnAuthRequired(
- fetch_window_id_, request_id_, url_request_->url(), first_auth_attempt_,
- auth_info, url_request->response_headers(),
- auth_challenge_responder_receiver_.BindNewPipeAndPassRemote());
+ auto head = mojom::URLResponseHead::New();
+ if (url_request->response_headers())
+ head->headers = url_request->response_headers();
+ head->auth_challenge_info = auth_info;
+ if (auth_client_) {
+ auth_client_->OnAuthRequired(
+ fetch_window_id_, factory_params_->process_id, render_frame_id_,
+ request_id_, url_request_->url(), first_auth_attempt_, auth_info,
+ std::move(head),
+ auth_challenge_responder_receiver_.BindNewPipeAndPassRemote());
+ } else {
+ url_loader_network_observer->OnAuthRequired(
+ fetch_window_id_, request_id_, url_request_->url(), first_auth_attempt_,
+ auth_info, url_request->response_headers(),
+ auth_challenge_responder_receiver_.BindNewPipeAndPassRemote());
+ }
auth_challenge_responder_receiver_.set_disconnect_handler(
base::BindOnce(&URLLoader::DeleteSelf, base::Unretained(this)));
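Review bot: `head` is built on every auth challenge but only consumed in the `if (auth_client_)` branch, so the observer path allocates a `URLResponseHead` and copies `auth_info` for nothing; move the `auto head = ...` lines inside that branch. The `if (url_request->response_headers())` guard looks unnecessary if `headers` is a ref-counted pointer, and `auth_info` is sent twice, once as an argument and once as `head->auth_challenge_info`. When both a client and an observer exist the client silently wins; a comment such as `// A factory-level auth client takes precedence over the network service observer.` above the `if` would record that. `OnAuthRequired` starts and ends outside the hunk.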
diff --git a/services/network/url_loader.h b/services/network/url_loader.h
index f8c6112335ea43912485e76ec48d28b8609fab83..25c17fc78a03ba6a0b1a399e22bbba827e2275fb 100644
--- a/services/network/url_loader.h
+++ b/services/network/url_loader.h
@@ -128,6 +128,7 @@ class COMPONENT_EXPORT(NETWORK_SERVICE) URLLoader
scoped_refptr<ResourceSchedulerClient> resource_scheduler_client,
base::WeakPtr<KeepaliveStatisticsRecorder> keepalive_statistics_recorder,
mojom::TrustedURLLoaderHeaderClient* url_loader_header_client,
+ mojom::TrustedURLLoaderAuthClient* url_loader_auth_client,
mojom::OriginPolicyManager* origin_policy_manager,
std::unique_ptr<TrustTokenRequestHelperFactory>
trust_token_helper_factory,
@@ -517,6 +518,7 @@ class COMPONENT_EXPORT(NETWORK_SERVICE) URLLoader
base::Optional<base::UnguessableToken> fetch_window_id_;
mojo::Remote<mojom::TrustedHeaderClient> header_client_;
+ mojo::Remote<mojom::TrustedAuthClient> auth_client_;
std::unique_ptr<FileOpenerForUpload> file_opener_for_upload_;
diff --git a/services/network/url_loader_factory.cc b/services/network/url_loader_factory.cc
index 766d343375c24c5746fb442370b544a8cf76d58f..627efb08ed0974f0c7672085e46996048af8c244 100644
--- a/services/network/url_loader_factory.cc
+++ b/services/network/url_loader_factory.cc
@@ -76,6 +76,7 @@ URLLoaderFactory::URLLoaderFactory(
resource_scheduler_client_(std::move(resource_scheduler_client)),
header_client_(std::move(params_->header_client)),
coep_reporter_(std::move(params_->coep_reporter)),
+ auth_client_(std::move(params_->auth_client)),
cors_url_loader_factory_(cors_url_loader_factory),
cookie_observer_(std::move(params_->cookie_observer)),
url_loader_network_service_observer_(
@@ -279,6 +280,7 @@ void URLLoaderFactory::CreateLoaderAndStart(
context_->require_network_isolation_key(), resource_scheduler_client_,
std::move(keepalive_statistics_recorder),
header_client_.is_bound() ? header_client_.get() : nullptr,
+ auth_client_.is_bound() ? auth_client_.get() : nullptr,
context_->origin_policy_manager(), std::move(trust_token_factory),
context_->cors_origin_access_list(), std::move(cookie_observer),
std::move(url_loader_network_observer), std::move(devtools_observer));
diff --git a/services/network/url_loader_factory.h b/services/network/url_loader_factory.h
index f0e423b245026a06161ab922c1aed44c9152e40a..ebce1dae5a0bceeff8e77595d4cb57166c1d236f 100644
--- a/services/network/url_loader_factory.h
+++ b/services/network/url_loader_factory.h
@@ -79,6 +79,7 @@ class URLLoaderFactory : public mojom::URLLoaderFactory {
scoped_refptr<ResourceSchedulerClient> resource_scheduler_client_;
mojo::Remote<mojom::TrustedURLLoaderHeaderClient> header_client_;
mojo::Remote<mojom::CrossOriginEmbedderPolicyReporter> coep_reporter_;
+ mojo::Remote<mojom::TrustedURLLoaderAuthClient> auth_client_;
// |cors_url_loader_factory_| owns this.
cors::CorsURLLoaderFactory* cors_url_loader_factory_;