#include "chrome/browser/ip_protection/ip_protection_config_provider.h"
#include <memory>
#include <optional>
#include "base/command_line.h"
#include "base/feature_list.h"
#include "base/functional/bind.h"
#include "base/metrics/histogram_functions.h"
#include "base/ranges/algorithm.h"
#include "base/sequence_checker.h"
#include "base/strings/strcat.h"
#include "base/task/bind_post_task.h"
#include "base/task/task_traits.h"
#include "base/task/thread_pool.h"
#include "base/threading/sequence_bound.h"
#include "base/time/time.h"
#include "chrome/browser/ip_protection/ip_protection_switches.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/common/channel_info.h"
#include "components/ip_protection/common/ip_protection_config_provider_helper.h"
#include "components/ip_protection/common/ip_protection_data_types.h"
#include "components/ip_protection/common/ip_protection_proxy_config_fetcher.h"
#include "components/ip_protection/common/ip_protection_telemetry.h"
#include "components/ip_protection/common/ip_protection_token_direct_fetcher.h"
#include "components/prefs/pref_service.h"
#include "components/privacy_sandbox/privacy_sandbox_features.h"
#include "components/privacy_sandbox/tracking_protection_prefs.h"
#include "components/privacy_sandbox/tracking_protection_settings.h"
#include "content/public/browser/browser_thread.h"
#include "content/public/browser/storage_partition.h"
#include "google_apis/gaia/gaia_constants.h"
#include "google_apis/google_api_keys.h"
#include "mojo/public/cpp/bindings/message.h"
#include "mojo/public/cpp/bindings/pending_receiver.h"
#include "mojo/public/cpp/bindings/pending_remote.h"
#include "net/base/features.h"
#include "net/base/proxy_chain.h"
#include "net/base/proxy_server.h"
#include "net/base/proxy_string_util.h"
#include "net/third_party/quiche/src/quiche/blind_sign_auth/blind_sign_auth.h"
#include "net/third_party/quiche/src/quiche/blind_sign_auth/proto/blind_sign_auth_options.pb.h"
#include "net/third_party/quiche/src/quiche/blind_sign_auth/proto/spend_token_data.pb.h"
#include "third_party/abseil-cpp/absl/status/status.h"
TryGetAuthTokensResult;
IpProtectionConfigProvider::IpProtectionConfigProvider(
signin::IdentityManager* identity_manager,
privacy_sandbox::TrackingProtectionSettings* tracking_protection_settings,
PrefService* pref_service,
Profile* profile)
: … { … }
void IpProtectionConfigProvider::SetUp() { … }
void IpProtectionConfigProvider::SetUpForTesting(
std::unique_ptr<ip_protection::IpProtectionProxyConfigRetriever>
ip_protection_proxy_config_retriever,
scoped_refptr<network::SharedURLLoaderFactory> url_loader_factory,
std::unique_ptr<quiche::BlindSignAuthInterface> bsa) { … }
IpProtectionConfigProvider::~IpProtectionConfigProvider() = default;
void IpProtectionConfigProvider::TryGetAuthTokens(
uint32_t batch_size,
network::mojom::IpProtectionProxyLayer proxy_layer,
TryGetAuthTokensCallback callback) { … }
void IpProtectionConfigProvider::GetProxyList(GetProxyListCallback callback) { … }
void IpProtectionConfigProvider::RequestOAuthToken(
RequestOAuthTokenCallback callback) { … }
void IpProtectionConfigProvider::OnRequestOAuthTokenCompleted(
std::unique_ptr<signin::PrimaryAccountAccessTokenFetcher>
oauth_token_fetcher,
RequestOAuthTokenCallback callback,
GoogleServiceAuthError error,
signin::AccessTokenInfo access_token_info) { … }
void IpProtectionConfigProvider::
OnRequestOAuthTokenCompletedForTryGetAuthTokens(
uint32_t batch_size,
quiche::ProxyLayer quiche_proxy_layer,
TryGetAuthTokensCallback callback,
base::TimeTicks oauth_token_fetch_start_time,
GoogleServiceAuthError error,
signin::AccessTokenInfo access_token_info) { … }
void IpProtectionConfigProvider::OnRequestOAuthTokenCompletedForGetProxyConfig(
GetProxyListCallback callback,
GoogleServiceAuthError error,
signin::AccessTokenInfo access_token_info) { … }
void IpProtectionConfigProvider::FetchBlindSignedToken(
std::optional<signin::AccessTokenInfo> access_token_info,
uint32_t batch_size,
quiche::ProxyLayer quiche_proxy_layer,
TryGetAuthTokensCallback callback) { … }
void IpProtectionConfigProvider::OnFetchBlindSignedTokenCompleted(
base::TimeTicks bsa_get_tokens_start_time,
TryGetAuthTokensCallback callback,
absl::StatusOr<std::vector<quiche::BlindSignToken>> tokens) { … }
void IpProtectionConfigProvider::TryGetAuthTokensComplete(
std::optional<std::vector<ip_protection::BlindSignedAuthToken>> bsa_tokens,
TryGetAuthTokensCallback callback,
TryGetAuthTokensResult result,
std::optional<base::TimeDelta> duration) { … }
void IpProtectionConfigProvider::InvalidateNetworkContextTryAgainAfterTime() { … }
std::optional<base::TimeDelta> IpProtectionConfigProvider::CalculateBackoff(
TryGetAuthTokensResult result) { … }
void IpProtectionConfigProvider::Shutdown() { … }
IpProtectionConfigProvider* IpProtectionConfigProvider::Get(Profile* profile) { … }
void IpProtectionConfigProvider::AddNetworkService(
mojo::PendingReceiver<network::mojom::IpProtectionConfigGetter>
pending_receiver,
mojo::PendingRemote<network::mojom::IpProtectionProxyDelegate>
pending_remote) { … }
void IpProtectionConfigProvider::ClearOAuthTokenProblemBackoff() { … }
void IpProtectionConfigProvider::OnPrimaryAccountChanged(
const signin::PrimaryAccountChangeEvent& event) { … }
void IpProtectionConfigProvider::OnErrorStateOfRefreshTokenUpdatedForAccount(
const CoreAccountInfo& account_info,
const GoogleServiceAuthError& error,
signin_metrics::SourceForRefreshTokenOperation token_operation_source) { … }
bool IpProtectionConfigProvider::CanRequestOAuthToken() { … }
bool IpProtectionConfigProvider::CanIpProtectionBeEnabled() { … }
bool IpProtectionConfigProvider::IsIpProtectionEnabled() { … }
void IpProtectionConfigProvider::OnIpProtectionEnabledChanged() { … }