// Copyright (c) 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "chrome/common/extensions/api/identity/oauth2_manifest_handler.h"

#include "base/lazy_instance.h"
#include "base/memory/scoped_ptr.h"
#include "base/strings/utf_string_conversions.h"
#include "base/values.h"
#include "extensions/common/error_utils.h"
#include "extensions/common/manifest_constants.h"

namespace {

// Keys looked up inside the dictionary stored under keys::kOAuth2.
const char kClientId[] = "client_id";
const char kScopes[] = "scopes";
const char kAutoApprove[] = "auto_approve";

}  // namespace

namespace extensions {

namespace keys = manifest_keys;
namespace errors = manifest_errors;

// auto_approve starts out false, so it is only ever true when Parse() has
// explicitly read a boolean for it from the manifest.
OAuth2Info::OAuth2Info()
    : auto_approve(false) {
}

OAuth2Info::~OAuth2Info() {
}

// Shared default-constructed instance handed out by GetOAuth2Info() when an
// extension carries no data under keys::kOAuth2.
static base::LazyInstance<OAuth2Info> g_empty_oauth2_info =
    LAZY_INSTANCE_INITIALIZER;

// static
// Returns the OAuth2Info stored on |extension| under keys::kOAuth2, or the
// shared empty instance (auto_approve == false) when nothing is stored.
// |extension| is dereferenced without a null check.
const OAuth2Info& OAuth2Info::GetOAuth2Info(const Extension* extension) {
  // NOTE(review): the static_cast is unchecked; it assumes the only object
  // ever stored under keys::kOAuth2 is the OAuth2Info set by
  // OAuth2ManifestHandler::Parse() -- confirm no other writer uses this key.
  OAuth2Info* stored = static_cast<OAuth2Info*>(
      extension->GetManifestData(keys::kOAuth2));
  if (stored)
    return *stored;
  return g_empty_oauth2_info.Get();
}

OAuth2ManifestHandler::OAuth2ManifestHandler() {}

OAuth2ManifestHandler::~OAuth2ManifestHandler() {}

// Reads the OAuth2 section of |extension|'s manifest into a new OAuth2Info
// and attaches it to the extension under keys::kOAuth2.
//
// Returns true on success. On failure returns false, writes one of the
// manifest_errors::kInvalidOAuth2* messages to |*error|, and attaches nothing
// to the extension.
bool OAuth2ManifestHandler::Parse(Extension* extension,
                                  base::string16* error) {
  scoped_ptr<OAuth2Info> parsed(new OAuth2Info);

  // The section must be a dictionary. Note that the client-id error message
  // is the one reported when it is not.
  const base::DictionaryValue* oauth2_dict = NULL;
  if (!extension->manifest()->GetDictionary(keys::kOAuth2, &oauth2_dict)) {
    *error = base::ASCIIToUTF16(errors::kInvalidOAuth2ClientId);
    return false;
  }

  // Manifest::HasPath() answers two questions at once: whether this manifest
  // is allowed (by whitelist) to carry oauth2.auto_approve, and whether the
  // key is present. Only when both hold is the value read, straight from
  // |oauth2_dict| so the check is not repeated. When HasPath() is false the
  // value in the manifest is never consulted and auto_approve keeps its
  // constructor default of false.
  // NOTE(review): the whitelist enforcement is not visible in this file;
  // keep the HasPath() gate in place and do not replace it with a direct
  // dictionary lookup.
  if (extension->manifest()->HasPath(keys::kOAuth2AutoApprove)) {
    if (!oauth2_dict->GetBoolean(kAutoApprove, &parsed->auto_approve)) {
      *error = base::ASCIIToUTF16(errors::kInvalidOAuth2AutoApprove);
      return false;
    }
  }

  // A non-empty client_id is mandatory, with one exception: a component app
  // that has auto_approve set may leave the field out and use Chrome's
  // client ID. Both conditions are required for the exception.
  const bool has_client_id =
      oauth2_dict->GetString(kClientId, &parsed->client_id) &&
      !parsed->client_id.empty();
  if (!has_client_id) {
    const bool may_omit_client_id =
        extension->location() == Manifest::COMPONENT && parsed->auto_approve;
    if (!may_omit_client_id) {
      *error = base::ASCIIToUTF16(errors::kInvalidOAuth2ClientId);
      return false;
    }
  }

  // "scopes" must be a list whose entries are all strings. An empty list is
  // accepted, and the scope strings are stored as given: their content is not
  // validated here.
  const base::ListValue* scope_list = NULL;
  if (!oauth2_dict->GetList(kScopes, &scope_list)) {
    *error = base::ASCIIToUTF16(errors::kInvalidOAuth2Scopes);
    return false;
  }

  for (size_t index = 0; index < scope_list->GetSize(); ++index) {
    std::string scope;
    if (!scope_list->GetString(index, &scope)) {
      *error = base::ASCIIToUTF16(errors::kInvalidOAuth2Scopes);
      return false;
    }
    parsed->scopes.push_back(scope);
  }

  // The raw pointer is released to the extension; presumably
  // SetManifestData() takes ownership -- confirm against its declaration.
  extension->SetManifestData(keys::kOAuth2, parsed.release());
  return true;
}

// This handler is registered for the single manifest key keys::kOAuth2.
const std::vector<std::string> OAuth2ManifestHandler::Keys() const {
  return SingleKey(keys::kOAuth2);
}

}  // namespace extensions