// Copyright 2024 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef COMPONENTS_IP_PROTECTION_ANDROID_ANDROID_AUTH_CLIENT_LIB_CPP_IP_PROTECTION_AUTH_CLIENT_H_
#define COMPONENTS_IP_PROTECTION_ANDROID_ANDROID_AUTH_CLIENT_LIB_CPP_IP_PROTECTION_AUTH_CLIENT_H_
#include <memory>
#include <string>
#include <string_view>

#include "base/android/jni_android.h"
#include "base/android/scoped_java_ref.h"
#include "base/functional/callback.h"
#include "base/memory/weak_ptr.h"
#include "base/types/expected.h"
#include "components/ip_protection/android/android_auth_client_lib/cpp/ip_protection_auth_client_interface.h"
#include "net/third_party/quiche/src/quiche/blind_sign_auth/proto/auth_and_sign.pb.h"
#include "net/third_party/quiche/src/quiche/blind_sign_auth/proto/get_initial_data.pb.h"
namespace ip_protection::android {
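// Native-side handle to the Java IpProtectionAuthClient. Each request made
// through this class is translated into an IPC to the Android service that
// implements IP Protection.
//
// The constructor is private and is reached only through BindCallbackListener
// (see the friend declaration below); callers obtain an instance via
// CreateConnectedInstance().
class IpProtectionAuthClient : public IpProtectionAuthClientInterface {
 public:
  ~IpProtectionAuthClient() override;

  // Not copyable: the object holds a global JNI reference and a
  // WeakPtrFactory bound to |this|.
  IpProtectionAuthClient(const IpProtectionAuthClient& other) = delete;
  IpProtectionAuthClient& operator=(const IpProtectionAuthClient& other) =
      delete;

  // Asynchronously requests a binding to the Android IP Protection auth
  // service. |callback| is invoked on the calling process's main thread.
  static void CreateConnectedInstance(
      base::OnceCallback<ClientCreated> callback);

  // Test-only variant that binds to an alternative or mock Android IP
  // Protection auth service. |packageName| and |className| identify the
  // component of the service to bind to. |callback| is invoked on the calling
  // process's main thread.
  //
  // The target service does not need to be system-installed, so the component
  // names must be fixed by test code and never derived from data that another
  // app or a remote party can influence.
  // NOTE(review): presumably the production entry point only accepts a
  // system-installed service; confirm in the Java client.
  static void CreateConnectedInstanceForTesting(
      std::string_view packageName,
      std::string_view className,
      base::OnceCallback<ClientCreated> callback);

  // Asynchronously sends a GetInitialDataRequest to the signing server.
  //
  // No guarantee is made about the thread |callback| runs on: it may be the
  // main thread, a binder thread, some internal sequence, or the caller's own
  // stack (a synchronous invocation before this function returns). Callers
  // are responsible for reposting to a well-defined sequence, for example via
  // base::BindPostTask or base::BindPostTaskToCurrentDefault. Until it has
  // been reposted, the callback must not touch sequence-bound state and must
  // tolerate being re-entered from within this call.
  void GetInitialData(const privacy::ppn::GetInitialDataRequest& request,
                      GetInitialDataResponseCallback callback) const override;

  // Asynchronously sends an AuthAndSignRequest to the signing server.
  //
  // No guarantee is made about the thread |callback| runs on: it may be the
  // main thread, a binder thread, some internal sequence, or the caller's own
  // stack (a synchronous invocation before this function returns). Callers
  // are responsible for reposting to a well-defined sequence, for example via
  // base::BindPostTask or base::BindPostTaskToCurrentDefault. Until it has
  // been reposted, the callback must not touch sequence-bound state and must
  // tolerate being re-entered from within this call.
  void AuthAndSign(const privacy::ppn::AuthAndSignRequest& request,
                   AuthAndSignResponseCallback callback) const override;

  // Returns a weak pointer to this client, typed as the interface.
  // NOTE(review): base::WeakPtr is sequence-affine, while the request
  // callbacks above may arrive on any thread; repost to the owning sequence
  // before dereferencing a WeakPtr from inside one of them.
  base::WeakPtr<IpProtectionAuthClientInterface> GetWeakPtr() override;

 private:
  // BindCallbackListener::OnResult calls IpProtectionAuthClient's constructor.
  friend class BindCallbackListener;

  // Wraps an already obtained Java IpProtectionAuthClient object.
  explicit IpProtectionAuthClient(
      const jni_zero::JavaRef<jobject>& ip_protection_auth_client);

  // Reference to the Java IpProtectionAuthClient object.
  jni_zero::ScopedJavaGlobalRef<jobject> ip_protection_auth_client_;

  // Declared last so that it is destroyed first: outstanding weak pointers are
  // invalidated before the other members are torn down.
  base::WeakPtrFactory<IpProtectionAuthClient> weak_ptr_factory_{this};
};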
} // namespace ip_protection::android
#endif // COMPONENTS_IP_PROTECTION_ANDROID_ANDROID_AUTH_CLIENT_LIB_CPP_IP_PROTECTION_AUTH_CLIENT_H_