// Copyright 2024 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "chrome/browser/enterprise/profile_management/oidc_auth_response_capture_navigation_throttle.h" #include <optional> #include <string> #include <vector> #include "base/base64url.h" #include "base/containers/flat_map.h" #include "base/feature_list.h" #include "base/logging.h" #include "base/memory/weak_ptr.h" #include "base/strings/string_split.h" #include "chrome/browser/enterprise/profile_management/profile_management_features.h" #include "chrome/browser/enterprise/signin/oidc_authentication_signin_interceptor.h" #include "chrome/browser/enterprise/signin/oidc_authentication_signin_interceptor_factory.h" #include "chrome/browser/enterprise/signin/oidc_metrics_utils.h" #include "chrome/browser/profiles/profile.h" #include "components/policy/core/common/policy_logger.h" #include "components/url_matcher/url_util.h" #include "content/public/browser/browser_context.h" #include "content/public/browser/navigation_handle.h" #include "content/public/browser/navigation_throttle.h" #include "content/public/browser/web_contents.h" #include "url/gurl.h" URLMatcher; namespace { constexpr char kEnrollmentFallbackUrl[] = …; // We consider this common host for Microsoft authentication to be valid // redirection source. constexpr char kEntraLoginHost[] = …; // Valid redirection from MSFT Cloud App Security portal. constexpr char kEntraMcasHost[] = …; constexpr char kQuerySeparator[] = …; constexpr char kKeyValueSeparator[] = …; constexpr char kAuthTokenHeader[] = …; constexpr char kIdTokenHeader[] = …; constexpr char kOidcStateHeader[] = …; base::flat_map<std::string, std::string> SplitUrl(const std::string& url) { … } std::unique_ptr<URLMatcher> CreateEnrollmentRedirectUrlMatcher() { … } const url_matcher::URLMatcher* GetEnrollmentRedirectUrlMatcher() { … } bool IsEnrollmentUrl(GURL& url) { … } std::unique_ptr<URLMatcher> CreateOidcEnrollmentUrlMatcher() { … } } // namespace namespace profile_management { // static std::unique_ptr<OidcAuthResponseCaptureNavigationThrottle> OidcAuthResponseCaptureNavigationThrottle::MaybeCreateThrottleFor( content::NavigationHandle* navigation_handle) { … } OidcAuthResponseCaptureNavigationThrottle:: OidcAuthResponseCaptureNavigationThrottle( content::NavigationHandle* navigation_handle) : … { … } OidcAuthResponseCaptureNavigationThrottle:: ~OidcAuthResponseCaptureNavigationThrottle() = default; content::NavigationThrottle::ThrottleCheckResult OidcAuthResponseCaptureNavigationThrottle::WillRedirectRequest() { … } content::NavigationThrottle::ThrottleCheckResult OidcAuthResponseCaptureNavigationThrottle::WillProcessResponse() { … } const url_matcher::URLMatcher* OidcAuthResponseCaptureNavigationThrottle::GetOidcEnrollmentUrlMatcher() { … } const char* OidcAuthResponseCaptureNavigationThrottle::GetNameForLogging() { … } content::NavigationThrottle::ThrottleCheckResult OidcAuthResponseCaptureNavigationThrottle::AttemptToTriggerInterception() { … } void OidcAuthResponseCaptureNavigationThrottle::RegisterWithOidcTokens( ProfileManagementOidcTokens tokens, data_decoder::DataDecoder::ValueOrError result) { … } } // namespace profile_management
Codebase Browser
chromium