8bbdc224ac
* chore: bump chromium in DEPS to 7fb9778894d73378bff51087ce869ea5aa6e5d5d * chore: bump chromium in DEPS to 83da426e53d423f0530fc23433b6d2c4d0548442 * update patches * remove chromeos-only TtsControllerDelegate Refs: https://chromium-review.googlesource.com/c/chromium/src/+/2255314 * SharedUserScriptMaster -> SharedUserScriptManager Refs: https://chromium-review.googlesource.com/c/chromium/src/+/2258357 * avoid deprecated DISALLOW_COPY_AND_ASSIGN https://groups.google.com/a/chromium.org/forum/#!msg/cxx/qwH2hxaEjac/TUKq6eqfCwAJ * chore: bump chromium in DEPS to b2eaf9ff4e6b03267bf279583ea20ceb2b25e9d0 * update patches * rename GetHighContrastColorScheme -> GetPlatformHighContrastColorScheme Refs: https://chromium-review.googlesource.com/c/chromium/src/+/2250224 * remove vulkan info collection Refs: https://chromium-review.googlesource.com/c/chromium/src/+/2252818 * add max_xcode_version build var Refs: https://chromium-review.googlesource.com/c/chromium/src/+/2264867 * add missing headers * chore: bump chromium in DEPS to cded18ca1138f7e8efc904f077ddcca34f0135cf * update patches * add empty floc blocklist to BrowserProcessImpl Refs: https://chromium-review.googlesource.com/c/chromium/src/+/2240873 * chore: bump chromium in DEPS to f06602226cd80bf677b2ce013a94a2fb7f6ac58d * chore: bump chromium in DEPS to 747aa4bfc74fc6cf7f08ee72624cd69ae41ae28d * chore: bump chromium in DEPS to 31c0105e50fcc4e94de33e5c8602c755ace4a32b * chore: update patches * Reland "[base] Stop including check.h, notreached.h, etc. in logging.h" https://chromium-review.googlesource.com/c/chromium/src/+/2264297 * X11 and Ozone: make sure gfx::AcceleratedWidget to be uint32_t https://chromium-review.googlesource.com/c/chromium/src/+/2260554 * Move zygote from //services/service_manager back to //content https://chromium-review.googlesource.com/c/chromium/src/+/2252466 * chore: update v8 patches * [XProto] Remove usage of Shape extension https://chromium-review.googlesource.com/c/chromium/src/+/2262113 * fixup! add empty floc blocklist to BrowserProcessImpl * Require macOS 10.15.1 sdk https://chromium-review.googlesource.com/c/chromium/src/+/2238504 * Use newer Xcode version 11.5.0 * update src cache * chore: bump chromium in DEPS to 60a9883e35db3f6f91916f0878e88e1849c17b11 * chore: update patches * Reland "Reland "New toolchain for Windows 10 19041 SDK"" https://chromium-review.googlesource.com/c/chromium/src/+/2255527 * update patches * Convert raw NonClientFrameViews to unique_ptrs https://chromium-review.googlesource.com/c/chromium/src/+/2240417 * [printing] Move PrintHostMsg_DidPreviewDocument_Params to print.mojom https://chromium-review.googlesource.com/c/chromium/src/+/2257035 * chore: bump chromium in DEPS to 12c233c2a85bfa28fb279f390121ba681e52a71b * chore: update patches * Removing oppressive language for the directory chrome/browser/apps https://chromium-review.googlesource.com/c/chromium/src/+/2269822 * Inclusion: rename SpellcheckLanguageBlacklistPolicyHandler https://chromium-review.googlesource.com/c/chromium/src/+/2267646 * Clean up duplicate WebContents "is fullscreen" functions https://chromium-review.googlesource.com/c/chromium/src/+/2275148 * Adds icon loading service with sandbox for Windows. https://chromium-review.googlesource.com/c/chromium/src/+/1987273 * No more Vulkan info collection for UMA on Windows https://chromium-review.googlesource.com/c/chromium/src/+/2252818 * fix lint * chore: update buildflag conditions * chore: bump chromium in DEPS to a837d4c4230ace4f10b2768728f4044b7995dfa5 * update hunspell files * chore: update patches * Make content::FileSelectListener a RefCounted https://chromium-review.googlesource.com/c/chromium/src/+/2275338 * fix build failures on MAS * update patches * fixup! Reland "[base] Stop including check.h, notreached.h, etc. in logging.h" * fix build on windows * Check for GDI exhaustion if window creation fails https://chromium-review.googlesource.com/c/chromium/src/+/2244124 * chore: bump chromium in DEPS to 2c9b2a73be4ef9ec22d8b6da8e174cb80753f125 * chore: update patches * Network Service: Move DeleteCookiePredicate into public folder https://chromium-review.googlesource.com/c/chromium/src/+/2264186 * chore: bump chromium in DEPS to fa2606299bcc02c362528d26b5dcf8c8a0db0735 * chore: bump chromium in DEPS to d9c235d1227204dbae3708daae851573a3566b94 * chore: bump chromium in DEPS to 2f82c284243c035f49a747fd1ead6c44b4b31093 * chore: update patches * Move creating the LayerTreeSettings into blink. https://chromium-review.googlesource.com/c/chromium/src/+/2267720 * chore: bump chromium in DEPS to 914112f1d9af9e4974059dc403da62699a55550f * update patches * chore: bump chromium in DEPS to e0bc1ffae6393fc543a2da94c88167df75859b36 * refactor: match upstream print preview handling (#24452) * update patches * chore: bump chromium in DEPS to 0881423156abe084164b51ab58ce93a8bd380524 * update patches * update patches * give a type to pendingPromise * chore: bump chromium in DEPS to 11a8c1534b16d130075d378a64187360ba4e7820 * update patches * 2272609: Move //services/service_manager/sandbox to //sandbox/policy. https://chromium-review.googlesource.com/c/chromium/src/+/2272609 * update patches * fixup! 2272609: Move //services/service_manager/sandbox to //sandbox/policy. * fixup! 2272609: Move //services/service_manager/sandbox to //sandbox/policy. * 2264511: Cookies: Update SetCanonicalCookie to return CookieAccessResult https://chromium-review.googlesource.com/c/chromium/src/+/2264511 * chore: fix setAlwaysOnTop test The window must be visible for state to be updated properly. * Revert "Migrate modules/desktop_capture and modules/video_capture to webrtc::Mutex." https://webrtc-review.googlesource.com/c/src/+/179080 * update patches Co-authored-by: Andy Locascio <andy@slack-corp.com> Co-authored-by: deepak1556 <hop2deep@gmail.com> Co-authored-by: Samuel Attard <samuel.r.attard@gmail.com> Co-authored-by: John Kleinschmidt <jkleinsc@github.com> Co-authored-by: Electron Bot <anonymous@electronjs.org> Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com> Co-authored-by: Jeremy Rose <nornagon@nornagon.net> Co-authored-by: Samuel Attard <marshallofsound@electronjs.org>
161 lines
7.8 KiB
Diff
161 lines
7.8 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Jeremy Apthorp <nornagon@nornagon.net>
|
|
Date: Tue, 12 Nov 2019 11:50:16 -0800
|
|
Subject: add TrustedAuthClient to URLLoaderFactory
|
|
|
|
This allows intercepting authentication requests for the 'net' module.
|
|
Without this, the 'login' event for electron.net.ClientRequest can't be
|
|
implemented, because the existing path checks for the presence of a
|
|
WebContents, and cancels the authentication if there's no WebContents
|
|
available, which there isn't in the case of the 'net' module.
|
|
|
|
diff --git a/services/network/public/mojom/network_context.mojom b/services/network/public/mojom/network_context.mojom
|
|
index ccac671f0e7e56c731cb9bd92bad788271419a7f..cfea0e5dbc28f1a4cdfea36372ce7f34f15c4de7 100644
|
|
--- a/services/network/public/mojom/network_context.mojom
|
|
+++ b/services/network/public/mojom/network_context.mojom
|
|
@@ -214,6 +214,25 @@ struct CTPolicy {
|
|
array<string> excluded_legacy_spkis;
|
|
};
|
|
|
|
+interface TrustedAuthClient {
|
|
+ OnAuthRequired(
|
|
+ mojo_base.mojom.UnguessableToken? window_id,
|
|
+ uint32 process_id,
|
|
+ uint32 routing_id,
|
|
+ uint32 request_id,
|
|
+ url.mojom.Url url,
|
|
+ bool first_auth_attempt,
|
|
+ AuthChallengeInfo auth_info,
|
|
+ URLResponseHead? head,
|
|
+ pending_remote<AuthChallengeResponder> auth_challenge_responder);
|
|
+};
|
|
+interface TrustedURLLoaderAuthClient {
|
|
+ // When a new URLLoader is created, this will be called to pass a
|
|
+ // corresponding |auth_client|.
|
|
+ OnLoaderCreated(int32 request_id,
|
|
+ pending_receiver<TrustedAuthClient> auth_client);
|
|
+};
|
|
+
|
|
interface CertVerifierClient {
|
|
Verify(
|
|
int32 default_error,
|
|
@@ -640,6 +659,8 @@ struct URLLoaderFactoryParams {
|
|
// impact because of the extra process hops, so use should be minimized.
|
|
pending_remote<TrustedURLLoaderHeaderClient>? header_client;
|
|
|
|
+ pending_remote<TrustedURLLoaderAuthClient>? auth_client;
|
|
+
|
|
// |factory_bound_access_patterns| are used for CORS checks in addition to
|
|
// the per-context allow patterns that is managed via NetworkContext
|
|
// interface. This still respects the per-context block lists.
|
|
diff --git a/services/network/url_loader.cc b/services/network/url_loader.cc
|
|
index 1fa9021a62385fd5c0dadbb8a4a046cd72039915..2b0e4841d009df2f7bb310efca74d2ff79d29b36 100644
|
|
--- a/services/network/url_loader.cc
|
|
+++ b/services/network/url_loader.cc
|
|
@@ -471,6 +471,7 @@ URLLoader::URLLoader(
|
|
base::WeakPtr<KeepaliveStatisticsRecorder> keepalive_statistics_recorder,
|
|
base::WeakPtr<NetworkUsageAccumulator> network_usage_accumulator,
|
|
mojom::TrustedURLLoaderHeaderClient* url_loader_header_client,
|
|
+ mojom::TrustedURLLoaderAuthClient* url_loader_auth_client,
|
|
mojom::OriginPolicyManager* origin_policy_manager,
|
|
std::unique_ptr<TrustTokenRequestHelperFactory> trust_token_helper_factory,
|
|
mojo::PendingRemote<mojom::CookieAccessObserver> cookie_observer)
|
|
@@ -534,6 +535,11 @@ URLLoader::URLLoader(
|
|
header_client_.set_disconnect_handler(
|
|
base::BindOnce(&URLLoader::OnMojoDisconnect, base::Unretained(this)));
|
|
}
|
|
+ if (url_loader_auth_client) {
|
|
+ url_loader_auth_client->OnLoaderCreated(request_id_, auth_client_.BindNewPipeAndPassReceiver());
|
|
+ auth_client_.set_disconnect_handler(
|
|
+ base::BindOnce(&URLLoader::OnMojoDisconnect, base::Unretained(this)));
|
|
+ }
|
|
if (want_raw_headers_) {
|
|
options_ |= mojom::kURLLoadOptionSendSSLInfoWithResponse |
|
|
mojom::kURLLoadOptionSendSSLInfoForCertificateError;
|
|
@@ -1061,7 +1067,7 @@ void URLLoader::OnAuthRequired(net::URLRequest* url_request,
|
|
// |this| may have been deleted.
|
|
return;
|
|
}
|
|
- if (!network_context_client_) {
|
|
+ if (!network_context_client_ && !auth_client_) {
|
|
OnAuthCredentials(base::nullopt);
|
|
return;
|
|
}
|
|
@@ -1077,11 +1083,20 @@ void URLLoader::OnAuthRequired(net::URLRequest* url_request,
|
|
if (url_request->response_headers())
|
|
head->headers = url_request->response_headers();
|
|
head->auth_challenge_info = auth_info;
|
|
- network_context_client_->OnAuthRequired(
|
|
- fetch_window_id_, factory_params_->process_id, render_frame_id_,
|
|
- request_id_, url_request_->url(), first_auth_attempt_, auth_info,
|
|
- std::move(head),
|
|
- auth_challenge_responder_receiver_.BindNewPipeAndPassRemote());
|
|
+
|
|
+ if (auth_client_) {
|
|
+ auth_client_->OnAuthRequired(
|
|
+ fetch_window_id_, factory_params_->process_id, render_frame_id_,
|
|
+ request_id_, url_request_->url(), first_auth_attempt_, auth_info,
|
|
+ std::move(head),
|
|
+ auth_challenge_responder_receiver_.BindNewPipeAndPassRemote());
|
|
+ } else {
|
|
+ network_context_client_->OnAuthRequired(
|
|
+ fetch_window_id_, factory_params_->process_id, render_frame_id_,
|
|
+ request_id_, url_request_->url(), first_auth_attempt_, auth_info,
|
|
+ std::move(head),
|
|
+ auth_challenge_responder_receiver_.BindNewPipeAndPassRemote());
|
|
+ }
|
|
|
|
auth_challenge_responder_receiver_.set_disconnect_handler(
|
|
base::BindOnce(&URLLoader::DeleteSelf, base::Unretained(this)));
|
|
diff --git a/services/network/url_loader.h b/services/network/url_loader.h
|
|
index 1c8a9ce4ba5f41cb7a4d415337ff087894fee3df..1ea5d86177ff568a13e3d10767316ae496298d10 100644
|
|
--- a/services/network/url_loader.h
|
|
+++ b/services/network/url_loader.h
|
|
@@ -115,6 +115,7 @@ class COMPONENT_EXPORT(NETWORK_SERVICE) URLLoader
|
|
base::WeakPtr<KeepaliveStatisticsRecorder> keepalive_statistics_recorder,
|
|
base::WeakPtr<NetworkUsageAccumulator> network_usage_accumulator,
|
|
mojom::TrustedURLLoaderHeaderClient* url_loader_header_client,
|
|
+ mojom::TrustedURLLoaderAuthClient* url_loader_auth_client,
|
|
mojom::OriginPolicyManager* origin_policy_manager,
|
|
std::unique_ptr<TrustTokenRequestHelperFactory>
|
|
trust_token_helper_factory,
|
|
@@ -456,6 +457,7 @@ class COMPONENT_EXPORT(NETWORK_SERVICE) URLLoader
|
|
base::Optional<base::UnguessableToken> fetch_window_id_;
|
|
|
|
mojo::Remote<mojom::TrustedHeaderClient> header_client_;
|
|
+ mojo::Remote<mojom::TrustedAuthClient> auth_client_;
|
|
|
|
std::unique_ptr<FileOpenerForUpload> file_opener_for_upload_;
|
|
|
|
diff --git a/services/network/url_loader_factory.cc b/services/network/url_loader_factory.cc
|
|
index 75ae8488efa7e5acfda0b21029657b525fa95f86..5dce71ee5efc97f9f63d0b5f236dccdfb05cfc79 100644
|
|
--- a/services/network/url_loader_factory.cc
|
|
+++ b/services/network/url_loader_factory.cc
|
|
@@ -75,6 +75,7 @@ URLLoaderFactory::URLLoaderFactory(
|
|
resource_scheduler_client_(std::move(resource_scheduler_client)),
|
|
header_client_(std::move(params_->header_client)),
|
|
coep_reporter_(std::move(params_->coep_reporter)),
|
|
+ auth_client_(std::move(params_->auth_client)),
|
|
cors_url_loader_factory_(cors_url_loader_factory),
|
|
cookie_observer_(std::move(params_->cookie_observer)) {
|
|
DCHECK(context);
|
|
@@ -254,6 +255,7 @@ void URLLoaderFactory::CreateLoaderAndStart(
|
|
std::move(keepalive_statistics_recorder),
|
|
std::move(network_usage_accumulator),
|
|
header_client_.is_bound() ? header_client_.get() : nullptr,
|
|
+ auth_client_.is_bound() ? auth_client_.get() : nullptr,
|
|
context_->origin_policy_manager(), std::move(trust_token_factory),
|
|
std::move(cookie_observer));
|
|
|
|
diff --git a/services/network/url_loader_factory.h b/services/network/url_loader_factory.h
|
|
index 8b29b67a5b0663778df3169e09bf818e6bbcec3f..e504fa3d41066907a3fbc41e69daac968415dfa6 100644
|
|
--- a/services/network/url_loader_factory.h
|
|
+++ b/services/network/url_loader_factory.h
|
|
@@ -75,6 +75,7 @@ class URLLoaderFactory : public mojom::URLLoaderFactory {
|
|
scoped_refptr<ResourceSchedulerClient> resource_scheduler_client_;
|
|
mojo::Remote<mojom::TrustedURLLoaderHeaderClient> header_client_;
|
|
mojo::Remote<mojom::CrossOriginEmbedderPolicyReporter> coep_reporter_;
|
|
+ mojo::Remote<mojom::TrustedURLLoaderAuthClient> auth_client_;
|
|
|
|
// |cors_url_loader_factory_| owns this.
|
|
cors::CorsURLLoaderFactory* cors_url_loader_factory_;
|