[DC] Introduce feature flags to control digital credential creation

This CL adds the followings:
- base:Feature to control the logic on the browser side.
- Runtime Feature to control the corresponding renderer side.
- about://flags flag to control both features.

No logic is added in this CL.
Logic will be in follow-up CLs.

Bug: 378330032
Change-Id: I5d7d30442d3c8478697ef1d4a17ce46e696b694f
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6012398
Reviewed-by: Christian Biesinger <cbiesinger@chromium.org>
Reviewed-by: Nasko Oskov <nasko@chromium.org>
Reviewed-by: Yi Gu <yigu@chromium.org>
Commit-Queue: Mohamed Amir Yosef <mamir@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1383223}

chrome/browser/about_flags.cc

@@ -8932,6 +8932,12 @@ const FeatureEntry kFeatureEntries[] = {
          kWebIdentityDigitalIdentityCredentialVariations,
          "WebIdentityDigitalCredentials")},
 
+    {"web-identity-digital-credentials-creation",
+     flag_descriptions::kWebIdentityDigitalCredentialsCreationName,
+     flag_descriptions::kWebIdentityDigitalCredentialsCreationDescription,
+     kOsAll,
+     FEATURE_VALUE_TYPE(features::kWebIdentityDigitalCredentialsCreation)},
+
     {"sanitizer-api", flag_descriptions::kSanitizerApiName,
      flag_descriptions::kSanitizerApiDescription, kOsAll,
      FEATURE_VALUE_TYPE(blink::features::kSanitizerAPI)},

chrome/browser/flag-metadata.json

@@ -1,3 +1,4 @@
+
 // vim: set ft=json5:
 // This file lists metadata for chrome://flags entries. This metadata is used to
 // automatically expire flags, as part of the review process, and to clean up
@@ -9346,6 +9347,11 @@
     "owners": ["goto@chromium.org", "web-identity-eng@google.com"],
     "expiry_milestone": 135
   },
+  {
+    "name": "web-identity-digital-credentials-creation",
+    "owners": ["mamir@chromium.org", "web-identity-eng@google.com"],
+    "expiry_milestone": 140
+  },
   {
     "name": "web-machine-learning-neural-network",
     "owners": [ "qjw@chromium.org", "ningxin.hu@intel.com", "rafael.cintron@microsoft.com" ],

chrome/browser/flag_descriptions.cc

@@ -1952,6 +1952,11 @@ const char kWebIdentityDigitalCredentialsName[] = "DigitalCredentials";
 const char kWebIdentityDigitalCredentialsDescription[] =
     "Enables the three-party verifier/holder/issuer identity model.";
 
+const char kWebIdentityDigitalCredentialsCreationName[] =
+    "DigitalCredentialsCreation";
+const char kWebIdentityDigitalCredentialsCreationDescription[] =
+    "Enables the Digital Credentials Creation API.";
+
 const char kFileHandlingIconsName[] = "File Handling Icons";
 const char kFileHandlingIconsDescription[] =
     "Allows websites using the file handling API to also register file type "

chrome/browser/flag_descriptions.h

@@ -1100,6 +1100,9 @@ extern const char kFedCmWithoutWellKnownEnforcementDescription[];
 extern const char kWebIdentityDigitalCredentialsName[];
 extern const char kWebIdentityDigitalCredentialsDescription[];
 
+extern const char kWebIdentityDigitalCredentialsCreationName[];
+extern const char kWebIdentityDigitalCredentialsCreationDescription[];
+
 extern const char kFileHandlingIconsName[];
 extern const char kFileHandlingIconsDescription[];
 

content/browser/webid/flags.cc

@@ -59,6 +59,11 @@ bool IsWebIdentityDigitalCredentialsEnabled() {
   return base::FeatureList::IsEnabled(features::kWebIdentityDigitalCredentials);
 }
 
+bool IsWebIdentityDigitalCredentialsCreationEnabled() {
+  return base::FeatureList::IsEnabled(
+      features::kWebIdentityDigitalCredentialsCreation);
+}
+
 bool IsFedCmUseOtherAccountEnabled() {
   // The active mode origin trial can also enable this feature at this moment.
   return base::FeatureList::IsEnabled(features::kFedCmUseOtherAccount) ||

content/browser/webid/flags.h

@@ -49,6 +49,9 @@ bool IsFedCmWithoutWellKnownEnforcementEnabled();
 // Whether the Web Identity Digital Credentials API is enabled.
 bool IsWebIdentityDigitalCredentialsEnabled();
 
+// Whether the Web Identity Digital Credentials Creation API is enabled.
+bool IsWebIdentityDigitalCredentialsCreationEnabled();
+
 // Whether "Use Other Account" is enabled.
 bool IsFedCmUseOtherAccountEnabled();
 

content/child/runtime_features.cc

@@ -300,6 +300,9 @@ void SetRuntimeFeaturesFromChromiumFeatures() {
           {wf::EnableWebIdentityDigitalCredentials,
            raw_ref(features::kWebIdentityDigitalCredentials),
            kSetOnlyIfOverridden},
+          {wf::EnableWebIdentityDigitalCredentialsCreation,
+           raw_ref(features::kWebIdentityDigitalCredentialsCreation),
+           kSetOnlyIfOverridden},
           {wf::EnableWebOTP, raw_ref(features::kWebOTP), kSetOnlyIfOverridden},
           {wf::EnableWebOTPAssertionFeaturePolicy,
            raw_ref(features::kWebOTPAssertionFeaturePolicy),

content/public/common/content_features.cc

@@ -516,6 +516,11 @@ BASE_FEATURE(kWebIdentityDigitalCredentials,
              "WebIdentityDigitalCredentials",
              base::FEATURE_ENABLED_BY_DEFAULT);
 
+// Enables the Digital Credentials Creation API.
+BASE_FEATURE(kWebIdentityDigitalCredentialsCreation,
+             "WebIdentityDigitalCredentialsCreation",
+             base::FEATURE_DISABLED_BY_DEFAULT);
+
 // Enables scrollers inside Blink to store scroll offsets in fractional
 // floating-point numbers rather than truncating to integers.
 BASE_FEATURE(kFractionalScrollOffsets,

content/public/common/content_features.h

@@ -127,6 +127,7 @@ CONTENT_EXPORT BASE_DECLARE_FEATURE(kFedCmWithoutWellKnownEnforcement);
 CONTENT_EXPORT BASE_DECLARE_FEATURE(kFencedFramesEnforceFocus);
 CONTENT_EXPORT BASE_DECLARE_FEATURE(kForwardMemoryPressureToBlinkIsolates);
 CONTENT_EXPORT BASE_DECLARE_FEATURE(kWebIdentityDigitalCredentials);
+CONTENT_EXPORT BASE_DECLARE_FEATURE(kWebIdentityDigitalCredentialsCreation);
 CONTENT_EXPORT BASE_DECLARE_FEATURE(kFractionalScrollOffsets);
 CONTENT_EXPORT BASE_DECLARE_FEATURE(kGreaseUACH);
 CONTENT_EXPORT BASE_DECLARE_FEATURE(kGuestViewMPArch);

third_party/blink/renderer/platform/runtime_enabled_features.json5

@@ -4885,11 +4885,17 @@
       origin_trial_feature_name: "WebIdentityDigitalCredentials",
       origin_trial_os: ["android"],
       origin_trial_allows_third_party: true,
-      depends_on: ["FedCm"],
+      implied_by: ["WebIdentityDigitalCredentialsCreation"],
       public: true,
       status: "experimental",
       base_feature: "none",
     },
+    {
+      name: "WebIdentityDigitalCredentialsCreation",
+      public: true,
+      status: "test",
+      base_feature: "none",
+    },
     // Kill switch for making BigInt handling in WebIDL use ToBigInt.
     {
       name: "WebIDLBigIntUsesToBigInt",

tools/metrics/histograms/enums.xml

@@ -17622,6 +17622,8 @@ from previous Chrome versions.
   <int value="-1077752943" label="enable-password-generation"/>
   <int value="-1077534880" label="OmniboxDynamicMaxAutocomplete:enabled"/>
   <int value="-1077006912" label="ReadAnythingOmniboxIcon:disabled"/>
+  <int value="-1076661289"
+      label="WebIdentityDigitalCredentialsCreation:disabled"/>
   <int value="-1075156797" label="enable-brotli"/>
   <int value="-1075089382" label="enable-physical-web"/>
   <int value="-1074257709" label="ScalableAppList:enabled"/>
@@ -19747,6 +19749,8 @@ from previous Chrome versions.
       label="ClearLoginDatabaseForAllMigratedUPMUsers:enabled"/>
   <int value="-213893901"
       label="AutofillUpstreamAuthenticatePreflightCall:disabled"/>
+  <int value="-213843428"
+      label="WebIdentityDigitalCredentialsCreation:enabled"/>
   <int value="-213518852" label="protect-sync-credential:enabled"/>
   <int value="-213214894" label="enable-chromevox-arc-support"/>
   <int value="-211162053" label="OmniboxHeaderPaddingUpdate:enabled"/>