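// Copyright 2020 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef SERVICES_NETWORK_TRUST_TOKENS_TRUST_TOKEN_KEY_COMMITMENT_PARSER_H_
#define SERVICES_NETWORK_TRUST_TOKENS_TRUST_TOKEN_KEY_COMMITMENT_PARSER_H_

#include <memory>

#include "base/strings/string_piece_forward.h"
#include "services/network/public/mojom/trust_tokens.mojom-forward.h"
#include "services/network/trust_tokens/suitable_trust_token_origin.h"
#include "services/network/trust_tokens/trust_token_key_commitment_controller.h"

namespace network {

// These field names are from the key commitment JSON format specified in the
// Trust Tokens design doc
// (https://docs.google.com/document/d/1TNnya6B8pyomDK2F1R9CL3dY10OAmqWlnCxsWyOBDVQ/edit#bookmark=id.6wh9crbxdizi).
//
// "protocol version" (version of Trust Token used for this commitment):
extern const char kTrustTokenKeyCommitmentProtocolVersionField[];
// "ID" (identifier for this key commitment).
// NOTE(review): the original comment on this field was garbled ("used for
// mediating between concurrencyID for this key commitment)"); presumably the
// ID is what mediates between concurrent commitments. Confirm against the
// design doc.
extern const char kTrustTokenKeyCommitmentIDField[];
// "Batch size" (number of blinded tokens to provide per issuance request):
extern const char kTrustTokenKeyCommitmentBatchsizeField[];
// Each issuance key's expiry timestamp:
extern const char kTrustTokenKeyCommitmentExpiryField[];
// Each issuance key's key material:
extern const char kTrustTokenKeyCommitmentKeyField[];

// The operating systems on which to request issuance via system mediation
// rather than through a request to the issuer's website:
extern const char kTrustTokenKeyCommitmentRequestIssuanceLocallyOnField[];
extern const char kTrustTokenKeyCommitmentOsAndroid[];

// The desired fallback behavior when local issuance isn't available on the
// requested operating system:
extern const char
    kTrustTokenKeyCommitmentUnavailableLocalIssuanceFallbackField[];
extern const char kTrustTokenLocalIssuanceFallbackWebIssuance[];
extern const char kTrustTokenLocalIssuanceFallbackReturnWithError[];

// Parser for Trust Tokens key commitments, implementing the Parser interface
// declared by TrustTokenKeyCommitmentController. Both entry points report
// malformed input by returning nullptr rather than by signalling an error, so
// every caller has to check the result before dereferencing it.
class TrustTokenKeyCommitmentParser
    : public TrustTokenKeyCommitmentController::Parser {
 public:
  TrustTokenKeyCommitmentParser() = default;
  ~TrustTokenKeyCommitmentParser() override = default;

  // Parses a JSON key commitment response, returning nullptr if the input is
  // not a valid representation of a JSON dictionary containing all required
  // fields listed in the Trust Tokens design doc, the current normative source
  // for key commitment responses' format:
  //
  // https://docs.google.com/document/d/1TNnya6B8pyomDK2F1R9CL3dY10OAmqWlnCxsWyOBDVQ/edit#heading=h.wkezf6pcskvh
  //
  // A nullptr result is the only failure signal; it does not say which
  // requirement the input failed.
  mojom::TrustTokenKeyCommitmentResultPtr Parse(
      base::StringPiece response_body) override;

  // Like |Parse|, except that the input is expected to be of the form
  //   { "https://some-issuer.example": <JSON in the form expected by |Parse|>,
  //     "https://some-other-issuer.example":
  //       <JSON in the form expected by |Parse|>,
  //     ... }
  //
  // Returns nullptr if the input is not a dictionary.
  //
  // WARNING: If there are multiple keys that are exactly equal strings,
  // deduplicates these entries arbitrarily (due to the behavior of
  // base::JSONReader). For instance, if these keys are arriving through the
  // component updater, you might want to guarantee that the server-side logic
  // producing these structures guarantees no duplicate keys.
  //
  // If there are multiple keys that are not exact duplicates but correspond to
  // the same issuer, drops all but the entry with the largest key
  // lexicographically.
  //
  // As documented, neither deduplication rule considers the commitment values
  // themselves, so which commitment survives for an issuer depends only on
  // how its keys were spelled. Producers of this input should emit exactly
  // one entry per issuer.
  //
  // Skips key-value pairs where the key is not a suitable Trust Tokens origin
  // or the value fails to parse. The returned map can therefore hold fewer
  // issuers than the input listed, and nothing in the return value
  // distinguishes a skipped entry from one that was never present.
  //
  // NOTE(review): base::flat_map is used in this signature but
  // base/containers/flat_map.h is not included directly by this header;
  // presumably it arrives transitively through one of the includes above.
  // Confirm.
  std::unique_ptr<base::flat_map<SuitableTrustTokenOrigin,
                                 mojom::TrustTokenKeyCommitmentResultPtr>>
  ParseMultipleIssuers(base::StringPiece response_body);
};

}  // namespace network

#endif  // SERVICES_NETWORK_TRUST_TOKENS_TRUST_TOKEN_KEY_COMMITMENT_PARSER_H_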