Blame - chrome/browser/webid/federated_identity_api_permission_context.cc - chromium/src.git

blob: f095ea5c1abe6f02d521a1d64cb0a3c06240001b [file] [log] [blame]

Avi Drissman	4a8573c	2022-09-09 19:35:54	[diff] [blame]	1	// Copyright 2022 The Chromium Authors
Peter Kotwicz	90c0dc22	2022-03-09 18:24:45	[diff] [blame]	2	// Use of this source code is governed by a BSD-style license that can be
				3	// found in the LICENSE file.
				4
				5	#include "chrome/browser/webid/federated_identity_api_permission_context.h"
				6
Zachary Tan	3309272	2022-11-15 18:59:38	[diff] [blame]	7	#include "chrome/browser/browser_features.h"
Nicolás Peña Moreno	0c974faf	2022-03-10 16:05:12	[diff] [blame]	8	#include "chrome/browser/content_settings/cookie_settings_factory.h"
Peter Kotwicz	90c0dc22	2022-03-09 18:24:45	[diff] [blame]	9	#include "chrome/browser/content_settings/host_content_settings_map_factory.h"
Peter Kotwicz	ae649ee	2022-04-22 16:01:09	[diff] [blame]	10	#include "chrome/browser/permissions/permission_decision_auto_blocker_factory.h"
Nicolás Peña Moreno	0c974faf	2022-03-10 16:05:12	[diff] [blame]	11	#include "chrome/browser/profiles/profile.h"
Peter Kotwicz	90c0dc22	2022-03-09 18:24:45	[diff] [blame]	12	#include "components/content_settings/core/common/content_settings_types.h"
Peter Kotwicz	ae649ee	2022-04-22 16:01:09	[diff] [blame]	13	#include "components/permissions/permission_decision_auto_blocker.h"
				14	#include "components/permissions/permission_result.h"
Peter Kotwicz	153898a	2022-05-05 18:48:39	[diff] [blame]	15	#include "content/public/common/content_features.h"
Peter Kotwicz	ae649ee	2022-04-22 16:01:09	[diff] [blame]	16	#include "url/origin.h"
Peter Kotwicz	90c0dc22	2022-03-09 18:24:45	[diff] [blame]	17
Peter Kotwicz	153898a	2022-05-05 18:48:39	[diff] [blame]	18	using PermissionStatus =
				19	content::FederatedIdentityApiPermissionContextDelegate::PermissionStatus;
				20
Peter Kotwicz	90c0dc22	2022-03-09 18:24:45	[diff] [blame]	21	FederatedIdentityApiPermissionContext::FederatedIdentityApiPermissionContext(
				22	content::BrowserContext* browser_context)
				23	: host_content_settings_map_(
Nicolás Peña Moreno	0c974faf	2022-03-10 16:05:12	[diff] [blame]	24	HostContentSettingsMapFactory::GetForProfile(browser_context)),
				25	cookie_settings_(CookieSettingsFactory::GetForProfile(
Peter Kotwicz	ae649ee	2022-04-22 16:01:09	[diff] [blame]	26	Profile::FromBrowserContext(browser_context))),
				27	permission_autoblocker_(
				28	PermissionDecisionAutoBlockerFactory::GetForProfile(
				29	Profile::FromBrowserContext(browser_context))) {}
Peter Kotwicz	90c0dc22	2022-03-09 18:24:45	[diff] [blame]	30
				31	FederatedIdentityApiPermissionContext::
				32	~FederatedIdentityApiPermissionContext() = default;
				33
Peter Kotwicz	153898a	2022-05-05 18:48:39	[diff] [blame]	34	content::FederatedIdentityApiPermissionContextDelegate::PermissionStatus
				35	FederatedIdentityApiPermissionContext::GetApiPermissionStatus(
Peter Kotwicz	51d5ddf	2022-08-19 23:20:40	[diff] [blame]	36	const url::Origin& relying_party_embedder) {
Peter Kotwicz	153898a	2022-05-05 18:48:39	[diff] [blame]	37	if (!base::FeatureList::IsEnabled(features::kFedCm))
				38	return PermissionStatus::BLOCKED_VARIATIONS;
				39
Peter Kotwicz	af746d3	2022-12-07 02:18:36	[diff] [blame]	40	const GURL rp_embedder_url = relying_party_embedder.GetURL();
				41
Peter Kotwicz	153898a	2022-05-05 18:48:39	[diff] [blame]	42	// TODO(npm): FedCM is currently restricted to contexts where third party
Zachary Tan	00aa3ac	2023-08-02 20:05:39	[diff] [blame]	43	// cookies are not blocked unless the FedCmWithoutThirdPartyCookies flag or
				44	// FedCmIdpSigninStatusEnabled flag is enabled. Once the privacy improvements
				45	// for the API are implemented, remove this restriction. See
				46	// https://crbug.com/13043
Zachary Tan	3309272	2022-11-15 18:59:38	[diff] [blame]	47	if (cookie_settings_->ShouldBlockThirdPartyCookies() &&
Olesia Marukhno	be5c486	2023-07-18 16:29:54	[diff] [blame]	48	!cookie_settings_->IsThirdPartyAccessAllowed(rp_embedder_url) &&
Zachary Tan	00aa3ac	2023-08-02 20:05:39	[diff] [blame]	49	!base::FeatureList::IsEnabled(features::kFedCmWithoutThirdPartyCookies) &&
				50	!base::FeatureList::IsEnabled(features::kFedCmIdpSigninStatusEnabled)) {
Peter Kotwicz	153898a	2022-05-05 18:48:39	[diff] [blame]	51	return PermissionStatus::BLOCKED_THIRD_PARTY_COOKIES_BLOCKED;
Peter Kotwicz	af746d3	2022-12-07 02:18:36	[diff] [blame]	52	}
Peter Kotwicz	153898a	2022-05-05 18:48:39	[diff] [blame]	53
Peter Kotwicz	d4900eb8	2022-04-22 21:55:59	[diff] [blame]	54	const ContentSetting setting = host_content_settings_map_->GetContentSetting(
Peter Kotwicz	51d5ddf	2022-08-19 23:20:40	[diff] [blame]	55	rp_embedder_url, rp_embedder_url,
				56	ContentSettingsType::FEDERATED_IDENTITY_API);
Peter Kotwicz	d4900eb8	2022-04-22 21:55:59	[diff] [blame]	57	switch (setting) {
				58	case CONTENT_SETTING_ALLOW:
				59	break;
				60	case CONTENT_SETTING_BLOCK:
Peter Kotwicz	153898a	2022-05-05 18:48:39	[diff] [blame]	61	return PermissionStatus::BLOCKED_SETTINGS;
Peter Kotwicz	d4900eb8	2022-04-22 21:55:59	[diff] [blame]	62	default:
				63	NOTREACHED();
Peter Kotwicz	153898a	2022-05-05 18:48:39	[diff] [blame]	64	return PermissionStatus::BLOCKED_SETTINGS;
Peter Kotwicz	ae649ee	2022-04-22 16:01:09	[diff] [blame]	65	}
				66
Peter Kotwicz	63559a8	2022-06-07 03:46:35	[diff] [blame]	67	if (permission_autoblocker_->IsEmbargoed(
Peter Kotwicz	51d5ddf	2022-08-19 23:20:40	[diff] [blame]	68	rp_embedder_url, ContentSettingsType::FEDERATED_IDENTITY_API)) {
Peter Kotwicz	153898a	2022-05-05 18:48:39	[diff] [blame]	69	return PermissionStatus::BLOCKED_EMBARGO;
Peter Kotwicz	63559a8	2022-06-07 03:46:35	[diff] [blame]	70	}
Peter Kotwicz	153898a	2022-05-05 18:48:39	[diff] [blame]	71	return PermissionStatus::GRANTED;
Nicolás Peña Moreno	0c974faf	2022-03-10 16:05:12	[diff] [blame]	72	}
Peter Kotwicz	ae649ee	2022-04-22 16:01:09	[diff] [blame]	73
				74	void FederatedIdentityApiPermissionContext::RecordDismissAndEmbargo(
Peter Kotwicz	51d5ddf	2022-08-19 23:20:40	[diff] [blame]	75	const url::Origin& relying_party_embedder) {
				76	const GURL rp_embedder_url = relying_party_embedder.GetURL();
				77	// If content setting is allowed for `rp_embedder_url`, reset it.
Peter Kotwicz	7236eac	2022-07-11 22:05:04	[diff] [blame]	78	// See crbug.com/1340127 for why the resetting is not conditional on the
				79	// default content setting state.
				80	const ContentSetting setting = host_content_settings_map_->GetContentSetting(
Peter Kotwicz	51d5ddf	2022-08-19 23:20:40	[diff] [blame]	81	rp_embedder_url, rp_embedder_url,
				82	ContentSettingsType::FEDERATED_IDENTITY_API);
Peter Kotwicz	7236eac	2022-07-11 22:05:04	[diff] [blame]	83	if (setting == CONTENT_SETTING_ALLOW) {
				84	host_content_settings_map_->SetContentSettingDefaultScope(
Peter Kotwicz	51d5ddf	2022-08-19 23:20:40	[diff] [blame]	85	rp_embedder_url, rp_embedder_url,
				86	ContentSettingsType::FEDERATED_IDENTITY_API, CONTENT_SETTING_DEFAULT);
Peter Kotwicz	7236eac	2022-07-11 22:05:04	[diff] [blame]	87	}
Peter Kotwicz	ae649ee	2022-04-22 16:01:09	[diff] [blame]	88	permission_autoblocker_->RecordDismissAndEmbargo(
Peter Kotwicz	51d5ddf	2022-08-19 23:20:40	[diff] [blame]	89	rp_embedder_url, ContentSettingsType::FEDERATED_IDENTITY_API,
Peter Kotwicz	ae649ee	2022-04-22 16:01:09	[diff] [blame]	90	false /* dismissed_prompt_was_quiet */);
				91	}
				92
				93	void FederatedIdentityApiPermissionContext::RemoveEmbargoAndResetCounts(
Peter Kotwicz	51d5ddf	2022-08-19 23:20:40	[diff] [blame]	94	const url::Origin& relying_party_embedder) {
Peter Kotwicz	ae649ee	2022-04-22 16:01:09	[diff] [blame]	95	permission_autoblocker_->RemoveEmbargoAndResetCounts(
Peter Kotwicz	51d5ddf	2022-08-19 23:20:40	[diff] [blame]	96	relying_party_embedder.GetURL(),
				97	ContentSettingsType::FEDERATED_IDENTITY_API);
Peter Kotwicz	ae649ee	2022-04-22 16:01:09	[diff] [blame]	98	}