install_verifier.h revision a1401311d1ab56c4ed0a474bd38c108f75cb0cd9
1// Copyright 2013 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef CHROME_BROWSER_EXTENSIONS_INSTALL_VERIFIER_H_ 6#define CHROME_BROWSER_EXTENSIONS_INSTALL_VERIFIER_H_ 7 8#include <queue> 9#include <set> 10#include <string> 11 12#include "base/basictypes.h" 13#include "base/callback.h" 14#include "base/memory/linked_ptr.h" 15#include "base/memory/scoped_ptr.h" 16#include "extensions/browser/management_policy.h" 17#include "extensions/common/extension.h" 18 19namespace net { 20class URLRequestContextGetter; 21} 22 23namespace extensions { 24 25class ExtensionPrefs; 26class InstallSigner; 27struct InstallSignature; 28 29// This class implements verification that a set of extensions are either from 30// the webstore or are whitelisted by enterprise policy. The webstore 31// verification process works by sending a request to a backend server to get a 32// signature proving that a set of extensions are verified. This signature is 33// written into the extension preferences and is checked for validity when 34// being read back again. 35// 36// This class should be kept notified of runtime changes to the set of 37// extensions installed from the webstore. 38class InstallVerifier : public ManagementPolicy::Provider { 39 public: 40 InstallVerifier(ExtensionPrefs* prefs, 41 net::URLRequestContextGetter* context_getter); 42 virtual ~InstallVerifier(); 43 44 // Returns whether |extension| is of a type that needs verification. 45 static bool NeedsVerification(const Extension& extension); 46 47 // Initializes this object for use, including reading preferences and 48 // validating the stored signature. 49 void Init(); 50 51 // Do we need to be bootstrapped? (i.e. do we have a signature already). If 52 // this is true, then consumers of this class should use Add/AddMany to get 53 // an initial one so that MustRemainDisabled can actually check against it. 54 bool NeedsBootstrap(); 55 56 // Returns the timestamp of our InstallSignature, if we have one. 57 base::Time SignatureTimestamp(); 58 59 // Returns true if |id| is either verified or our stored signature explicitly 60 // tells us that it was invalid when we asked the server about it. 61 bool IsKnownId(const std::string& id); 62 63 // A callback for indicating success/failure of adding new ids. 64 typedef base::Callback<void(bool)> AddResultCallback; 65 66 // Try adding a new |id| (or set of ids) to the list of verified ids. When 67 // this process is finished |callback| will be run with success/failure of 68 // the signature request (not necessarily whether the ids were verified). 69 void Add(const std::string& id, const AddResultCallback& callback); 70 void AddMany(const ExtensionIdSet& ids, 71 const AddResultCallback& callback); 72 73 // Call this to add a set of ids that will immediately be considered allowed, 74 // and kick off an aysnchronous request to Add. 75 void AddProvisional(const ExtensionIdSet& ids); 76 77 // Removes an id or set of ids from the verified list. 78 void Remove(const std::string& id); 79 void RemoveMany(const ExtensionIdSet& ids); 80 81 // ManagementPolicy::Provider interface. 82 virtual std::string GetDebugPolicyProviderName() const OVERRIDE; 83 virtual bool MustRemainDisabled(const Extension* extension, 84 Extension::DisableReason* reason, 85 base::string16* error) const OVERRIDE; 86 87 private: 88 // We keep a list of operations to the current set of extensions - either 89 // additions or removals. 90 enum OperationType { 91 ADD, 92 REMOVE 93 }; 94 95 // This is an operation we want to apply to the current set of verified ids. 96 struct PendingOperation { 97 OperationType type; 98 99 // This is the set of ids being either added or removed. 100 ExtensionIdSet ids; 101 102 AddResultCallback callback; 103 104 explicit PendingOperation(); 105 ~PendingOperation(); 106 }; 107 108 // Removes any no-longer-installed ids, requesting a new signature if needed. 109 void GarbageCollect(); 110 111 // Returns whether an extension id is allowed by policy. 112 bool AllowedByEnterprisePolicy(const std::string& id) const; 113 114 // Returns whether the given |id| is included in our verified signature. 115 bool IsVerified(const std::string& id) const; 116 117 // Returns true if the extension with |id| was installed later than the 118 // timestamp of our signature. 119 bool WasInstalledAfterSignature(const std::string& id) const; 120 121 // Begins the process of fetching a new signature, based on applying the 122 // operation at the head of the queue to the current set of ids in 123 // |signature_| (if any) and then sending a request to sign that. 124 void BeginFetch(); 125 126 // Saves the current value of |signature_| to the prefs; 127 void SaveToPrefs(); 128 129 // Called with the result of a signature request, or NULL on failure. 130 void SignatureCallback(scoped_ptr<InstallSignature> signature); 131 132 ExtensionPrefs* prefs_; 133 net::URLRequestContextGetter* context_getter_; 134 135 // This is the most up-to-date signature, read out of |prefs_| during 136 // initialization and updated anytime we get new id's added. 137 scoped_ptr<InstallSignature> signature_; 138 139 // The current InstallSigner, if we have a signature request running. 140 scoped_ptr<InstallSigner> signer_; 141 142 // A queue of operations to apply to the current set of allowed ids. 143 std::queue<linked_ptr<PendingOperation> > operation_queue_; 144 145 // A set of ids that have been provisionally added, which we're willing to 146 // consider allowed until we hear back from the server signature request. 147 ExtensionIdSet provisional_; 148 149 DISALLOW_COPY_AND_ASSIGN(InstallVerifier); 150}; 151 152} // namespace extensions 153 154#endif // CHROME_BROWSER_EXTENSIONS_INSTALL_VERIFIER_H_ 155