[FedCM] Introduce boolean is_registered_config_url
The existing boolean in IdentityProviderConfig is pretty much unneeded, so it is replaced with this. The new boolean indicates whether the IDP it represents is related to IDP registration. It will be used to relax the well-known checks for registered IdPs, as per https://github.com/w3c-fedid/idp-registration/issues/4#issuecomment-2334800148 Bug: 346572117 Change-Id: I61655cebac98f26939f6e3621adb1c18fd607445 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6138067 Reviewed-by: Christian Biesinger <cbiesinger@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org> Owners-Override: Nicolás Peña <npm@chromium.org> Cr-Commit-Position: refs/heads/main@{#1401880}

committed by
Chromium LUCI CQ

parent
eb763cc410
commit
15b2696dea
content/browser/webid
third_party/blink
public
mojom
renderer
modules
credentialmanagement
@ -588,14 +588,15 @@ FederatedAuthRequestImpl::MaybeAddRegisteredProviders(
|
||||
std::reverse(registered_config_urls.begin(), registered_config_urls.end());
|
||||
|
||||
for (auto& provider : providers) {
|
||||
if (!provider->config->use_registered_config_urls) {
|
||||
if (!provider->config->from_idp_registration_api) {
|
||||
result.emplace_back(provider->Clone());
|
||||
continue;
|
||||
}
|
||||
|
||||
for (auto& configURL : registered_config_urls) {
|
||||
blink::mojom::IdentityProviderRequestOptionsPtr idp = provider->Clone();
|
||||
idp->config->use_registered_config_urls = false;
|
||||
// Keep `from_idp_registration_api` so it is clear this is a registered
|
||||
// provider.
|
||||
idp->config->config_url = configURL;
|
||||
result.emplace_back(std::move(idp));
|
||||
}
|
||||
|
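Review bot: In the inner loop of MaybeAddRegisteredProviders the expanded clones now keep `from_idp_registration_api` set, so the same flag marks both an unexpanded "any" request and an entry whose `config_url` was filled from `registered_config_urls`. The flag is a field of the mojom `IdentityProviderConfig` and is set in the renderer (see the credential_manager_type_converters.cc hunk), and the commit description says it will later relax the well-known checks; that relaxation should apply only to entries whose `config_url` this loop wrote from the browser-side registry, never to a flagged entry that reaches the check with a URL the renderer chose. I would state that invariant above the loop, e.g. `// config_url is always overwritten from the browser-side registry here; the flag alone must not be trusted on entries that skipped this loop.` The function body starts and ends outside the hunk, so whether every request passes through it before the well-known check cannot be confirmed from here.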
@ -1626,9 +1626,8 @@ class FederatedAuthRequestImplTest : public RenderViewHostImplTestHarness {
|
||||
return federated_auth_request_impl_->MaybeAddRegisteredProviders(providers);
|
||||
}
|
||||
|
||||
blink::mojom::IdentityProviderRequestOptionsPtr NewNamedIdP(
|
||||
GURL config_url,
|
||||
std::string client_id) {
|
||||
blink::mojom::IdentityProviderRequestOptionsPtr
|
||||
NewNamedIdP(GURL config_url, std::string client_id, bool is_registered) {
|
||||
blink::mojom::IdentityProviderRequestOptionsPtr options =
|
||||
blink::mojom::IdentityProviderRequestOptions::New();
|
||||
blink::mojom::IdentityProviderConfigPtr config =
|
||||
@ -1636,6 +1635,7 @@ class FederatedAuthRequestImplTest : public RenderViewHostImplTestHarness {
|
||||
config->config_url = config_url;
|
||||
config->client_id = client_id;
|
||||
options->config = std::move(config);
|
||||
options->config->from_idp_registration_api = is_registered;
|
||||
return options;
|
||||
}
|
||||
|
||||
@ -1643,7 +1643,7 @@ class FederatedAuthRequestImplTest : public RenderViewHostImplTestHarness {
|
||||
std::string client_id) {
|
||||
blink::mojom::IdentityProviderConfigPtr config =
|
||||
blink::mojom::IdentityProviderConfig::New();
|
||||
config->use_registered_config_urls = true;
|
||||
config->from_idp_registration_api = true;
|
||||
config->client_id = client_id;
|
||||
blink::mojom::IdentityProviderRequestOptionsPtr options =
|
||||
blink::mojom::IdentityProviderRequestOptions::New();
|
||||
@ -6915,14 +6915,16 @@ TEST_F(FederatedAuthRequestImplTest, MaybeAddRegisteredProvidersEmptyList) {
|
||||
// Test that no registered IdP with only named providers requested.
|
||||
TEST_F(FederatedAuthRequestImplTest, MaybeAddRegisteredProvidersNamed) {
|
||||
std::vector<blink::mojom::IdentityProviderRequestOptionsPtr> providers;
|
||||
providers.emplace_back(NewNamedIdP(GURL("https://idp.example"), kClientId));
|
||||
providers.emplace_back(NewNamedIdP(GURL("https://idp.example"), kClientId,
|
||||
/*is_registered=*/false));
|
||||
|
||||
std::vector<blink::mojom::IdentityProviderRequestOptionsPtr> result =
|
||||
MaybeAddRegisteredProviders(providers);
|
||||
|
||||
// Expects the vector to be the same.
|
||||
std::vector<blink::mojom::IdentityProviderRequestOptionsPtr> expected;
|
||||
expected.emplace_back(NewNamedIdP(GURL("https://idp.example"), kClientId));
|
||||
expected.emplace_back(NewNamedIdP(GURL("https://idp.example"), kClientId,
|
||||
/*is_registered=*/false));
|
||||
|
||||
EXPECT_EQ(expected, result);
|
||||
}
|
||||
@ -6943,7 +6945,8 @@ TEST_F(FederatedAuthRequestImplTest, MaybeAddRegisteredProvidersAdded) {
|
||||
|
||||
// Expects that the registered IdP gets replaced by a named IdP.
|
||||
std::vector<blink::mojom::IdentityProviderRequestOptionsPtr> expected;
|
||||
expected.emplace_back(NewNamedIdP(GURL("https://idp.example"), kClientId));
|
||||
expected.emplace_back(NewNamedIdP(GURL("https://idp.example"), kClientId,
|
||||
/*is_registered=*/true));
|
||||
|
||||
EXPECT_EQ(expected, result);
|
||||
}
|
||||
@ -6966,8 +6969,10 @@ TEST_F(FederatedAuthRequestImplTest,
|
||||
|
||||
// Expects that the registered IdP gets replaced by a named IdP.
|
||||
std::vector<blink::mojom::IdentityProviderRequestOptionsPtr> expected;
|
||||
expected.emplace_back(NewNamedIdP(GURL("https://idp.example"), kClientId));
|
||||
expected.emplace_back(NewNamedIdP(GURL("https://idp.example"), kClientId));
|
||||
expected.emplace_back(NewNamedIdP(GURL("https://idp.example"), kClientId,
|
||||
/*is_registered=*/true));
|
||||
expected.emplace_back(NewNamedIdP(GURL("https://idp.example"), kClientId,
|
||||
/*is_registered=*/true));
|
||||
|
||||
EXPECT_EQ(expected, result);
|
||||
}
|
||||
@ -6989,8 +6994,10 @@ TEST_F(FederatedAuthRequestImplTest,
|
||||
MaybeAddRegisteredProviders(providers);
|
||||
|
||||
std::vector<blink::mojom::IdentityProviderRequestOptionsPtr> expected;
|
||||
expected.emplace_back(NewNamedIdP(GURL("https://idp2.example"), kClientId));
|
||||
expected.emplace_back(NewNamedIdP(GURL("https://idp1.example"), kClientId));
|
||||
expected.emplace_back(NewNamedIdP(GURL("https://idp2.example"), kClientId,
|
||||
/*is_registered=*/true));
|
||||
expected.emplace_back(NewNamedIdP(GURL("https://idp1.example"), kClientId,
|
||||
/*is_registered=*/true));
|
||||
|
||||
EXPECT_EQ(expected, result);
|
||||
}
|
||||
@ -6999,9 +7006,11 @@ TEST_F(FederatedAuthRequestImplTest,
|
||||
TEST_F(FederatedAuthRequestImplTest,
|
||||
MaybeAddRegisteredProvidersInsertedInline) {
|
||||
std::vector<blink::mojom::IdentityProviderRequestOptionsPtr> providers;
|
||||
providers.emplace_back(NewNamedIdP(GURL("https://idp1.example"), kClientId));
|
||||
providers.emplace_back(NewNamedIdP(GURL("https://idp1.example"), kClientId,
|
||||
/*is_registered=*/false));
|
||||
providers.emplace_back(NewRegisteredIdP(kClientId));
|
||||
providers.emplace_back(NewNamedIdP(GURL("https://idp2.example"), kClientId));
|
||||
providers.emplace_back(NewNamedIdP(GURL("https://idp2.example"), kClientId,
|
||||
/*is_registered=*/false));
|
||||
|
||||
std::vector<GURL> registry;
|
||||
registry.emplace_back("https://idp-registered1.example");
|
||||
@ -7015,12 +7024,14 @@ TEST_F(FederatedAuthRequestImplTest,
|
||||
|
||||
// Expects that the registered IdP gets replaced by a named IdP.
|
||||
std::vector<blink::mojom::IdentityProviderRequestOptionsPtr> expected;
|
||||
expected.emplace_back(NewNamedIdP(GURL("https://idp1.example"), kClientId));
|
||||
expected.emplace_back(
|
||||
NewNamedIdP(GURL("https://idp-registered2.example"), kClientId));
|
||||
expected.emplace_back(
|
||||
NewNamedIdP(GURL("https://idp-registered1.example"), kClientId));
|
||||
expected.emplace_back(NewNamedIdP(GURL("https://idp2.example"), kClientId));
|
||||
expected.emplace_back(NewNamedIdP(GURL("https://idp1.example"), kClientId,
|
||||
/*is_registered=*/false));
|
||||
expected.emplace_back(NewNamedIdP(GURL("https://idp-registered2.example"),
|
||||
kClientId, /*is_registered=*/true));
|
||||
expected.emplace_back(NewNamedIdP(GURL("https://idp-registered1.example"),
|
||||
kClientId, /*is_registered=*/true));
|
||||
expected.emplace_back(NewNamedIdP(GURL("https://idp2.example"), kClientId,
|
||||
/*is_registered=*/false));
|
||||
|
||||
EXPECT_EQ(expected, result);
|
||||
}
|
||||
|
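Review bot: None of the visible cases feeds MaybeAddRegisteredProviders a provider that has `from_idp_registration_api` set and a `config_url` already filled in, which is the input a misbehaving renderer could send once the flag relaxes the well-known checks. A case such as `providers.emplace_back(NewNamedIdP(GURL("https://idp.example"), kClientId, /*is_registered=*/true));` with a non-empty registry, expecting only registry URLs in the result, would pin that the supplied URL is discarded. The comments `// Expects that the registered IdP gets replaced by a named IdP.` are also slightly stale now that the expected entries are built with `/*is_registered=*/true`; something like `// Expects the registered IdP placeholder to be replaced by one entry per registered config URL, each still marked as registered.` reads closer to the new behaviour. Only hunks of the test file are visible, so such a case may already exist elsewhere.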
@ -74,9 +74,8 @@ struct IdentityProviderConfig {
|
||||
// Explicitly references a specific provider by a Config URL.
|
||||
url.mojom.Url config_url;
|
||||
|
||||
// Indirectly references providers that have been registered in the past
|
||||
// rather than directly.
|
||||
bool use_registered_config_urls;
|
||||
// Whether this config comes from the IDP registration API.
|
||||
bool from_idp_registration_api;
|
||||
|
||||
// When using registered IDPs, this contains the type of IDP requested.
|
||||
string? type;
|
||||
|
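Review bot: The new comment on `from_idp_registration_api` does not say who sets the field or how it relates to `config_url`, and the neighbouring comment on `type` still speaks of "using registered IDPs" without naming the flag. From the other hunks, the renderer sets it when `configURL` is "any" and the browser then fills `config_url` from the registered URLs while keeping the flag; I would record that, e.g. `// True when the request used configURL "any". The browser replaces config_url with each registered config URL and keeps this set.` Because the struct appears to cross the renderer-to-browser boundary, a short remark that the browser must not treat the flag by itself as proof of registration would help future readers. The struct continues outside the hunk.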
2
third_party/blink/renderer/modules/credentialmanagement/credential_manager_type_converters.cc
vendored
@ -944,7 +944,7 @@ TypeConverter<IdentityProviderRequestOptionsPtr,
|
||||
CHECK(options.hasConfigURL());
|
||||
if (blink::RuntimeEnabledFeatures::FedCmIdPRegistrationEnabled() &&
|
||||
options.configURL() == "any") {
|
||||
mojo_options->config->use_registered_config_urls = true;
|
||||
mojo_options->config->from_idp_registration_api = true;
|
||||
// We only set the `type` if `configURL` is 'any'.
|
||||
if (options.hasType()) {
|
||||
mojo_options->config->type = options.type();
|
||||
|