trust_token_store.cc | Explore in Territory

// Copyright 2019 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "services/network/trust_tokens/trust_token_store.h"

#include <map>
#include <memory>
#include <optional>
#include <utility>

#include "base/containers/contains.h"
#include "base/ranges/algorithm.h"
#include "net/base/registry_controlled_domains/registry_controlled_domain.h"
#include "services/network/public/cpp/is_potentially_trustworthy.h"
#include "services/network/public/cpp/trust_token_parameterization.h"
#include "services/network/public/mojom/clear_data_filter.mojom.h"
#include "services/network/public/mojom/trust_tokens.mojom-forward.h"
#include "services/network/trust_tokens/in_memory_trust_token_persister.h"
#include "services/network/trust_tokens/proto/public.pb.h"
#include "services/network/trust_tokens/proto/storage.pb.h"
#include "services/network/trust_tokens/suitable_trust_token_origin.h"
#include "services/network/trust_tokens/trust_token_key_commitment_getter.h"
#include "services/network/trust_tokens/trust_token_parameterization.h"
#include "services/network/trust_tokens/types.h"
#include "third_party/protobuf/src/google/protobuf/repeated_field.h"
#include "url/origin.h"

namespace network {

namespace {
class NeverExpiringExpiryDelegate
    : public TrustTokenStore::RecordExpiryDelegate { … };

}  // namespace

TrustTokenStore::TrustTokenStore(
    std::unique_ptr<TrustTokenPersister> persister,
    std::unique_ptr<RecordExpiryDelegate> expiry_delegate)
    : … { … }

TrustTokenStore::~TrustTokenStore() = default;

std::unique_ptr<TrustTokenStore> TrustTokenStore::CreateForTesting(
    std::unique_ptr<TrustTokenPersister> persister,
    std::unique_ptr<RecordExpiryDelegate> expiry_delegate) { … }

void TrustTokenStore::RecordIssuance(const SuitableTrustTokenOrigin& issuer) { … }

std::optional<base::TimeDelta> TrustTokenStore::TimeSinceLastIssuance(
    const SuitableTrustTokenOrigin& issuer) { … }

bool TrustTokenStore::IsRedemptionLimitHit(
    const SuitableTrustTokenOrigin& issuer,
    const SuitableTrustTokenOrigin& top_level) const { … }

std::optional<base::TimeDelta> TrustTokenStore::TimeSinceLastRedemption(
    const SuitableTrustTokenOrigin& issuer,
    const SuitableTrustTokenOrigin& top_level) { … }

bool TrustTokenStore::IsAssociated(const SuitableTrustTokenOrigin& issuer,
                                   const SuitableTrustTokenOrigin& top_level) { … }

bool TrustTokenStore::SetAssociation(
    const SuitableTrustTokenOrigin& issuer,
    const SuitableTrustTokenOrigin& top_level) { … }

void TrustTokenStore::PruneStaleIssuerState(
    const SuitableTrustTokenOrigin& issuer,
    const std::vector<mojom::TrustTokenVerificationKeyPtr>& keys) { … }

void TrustTokenStore::AddTokens(const SuitableTrustTokenOrigin& issuer,
                                base::span<const std::string> token_bodies,
                                std::string_view issuing_key) { … }

int TrustTokenStore::CountTokens(const SuitableTrustTokenOrigin& issuer) { … }

std::vector<TrustToken> TrustTokenStore::RetrieveMatchingTokens(
    const SuitableTrustTokenOrigin& issuer,
    base::RepeatingCallback<bool(const std::string&)> key_matcher) { … }

void TrustTokenStore::DeleteToken(const SuitableTrustTokenOrigin& issuer,
                                  const TrustToken& to_delete) { … }

void TrustTokenStore::SetRedemptionRecord(
    const SuitableTrustTokenOrigin& issuer,
    const SuitableTrustTokenOrigin& top_level,
    const TrustTokenRedemptionRecord& record) { … }

std::optional<TrustTokenRedemptionRecord>
TrustTokenStore::RetrieveNonstaleRedemptionRecord(
    const SuitableTrustTokenOrigin& issuer,
    const SuitableTrustTokenOrigin& top_level) { … }

bool TrustTokenStore::ClearDataForFilter(mojom::ClearDataFilterPtr filter) { … }

// Assumes predicate is created from
// CookieSettings::CreateDeleteCookieOnExitPredicate and matches PST
// storage key hosts.
//
// Some inputs and the resulting data clearing decisions.
//
// Serialized storage key    | Clear on exit list includes | will get cleared
// https://a.com:1443        | a.com                       | yes
// https://a.com:1443        | https://a.com               | yes
// https://a.b.com:1443      | a.b.com                     | yes
// https://a.b.com:1443      | b.com                       | no
// https://b.com:1443        | a.b.com                     | no
//
bool TrustTokenStore::ClearDataForPredicate(
    base::RepeatingCallback<bool(const std::string&)> predicate) { … }

bool TrustTokenStore::DeleteStoredTrustTokens(
    const SuitableTrustTokenOrigin& issuer) { … }

base::flat_map<SuitableTrustTokenOrigin, int>
TrustTokenStore::GetStoredTrustTokenCounts() { … }

IssuerRedemptionRecordMap TrustTokenStore::GetRedemptionRecords() { … }

}  // namespace network
chromium/services/network/trust_tokens/trust_token_store.cc
