// Copyright 2021 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/nearby_sharing/tachyon_ice_config_fetcher.h"
#include <optional>
#include "base/functional/bind.h"
#include "base/metrics/histogram_functions.h"
#include "base/strings/string_number_conversions.h"
#include "base/strings/stringprintf.h"
#include "base/time/time.h"
#include "base/unguessable_token.h"
#include "chrome/browser/nearby_sharing/instantmessaging/token_fetcher.h"
#include "chrome/browser/nearby_sharing/proto/duration.pb.h"
#include "chrome/browser/nearby_sharing/proto/ice.pb.h"
#include "chrome/browser/nearby_sharing/proto/tachyon.pb.h"
#include "chrome/browser/nearby_sharing/proto/tachyon_common.pb.h"
#include "chrome/browser/nearby_sharing/proto/tachyon_enums.pb.h"
#include "chrome/services/sharing/public/cpp/sharing_webrtc_metrics.h"
#include "chromeos/ash/components/nearby/common/client/nearby_http_result.h"
#include "components/cross_device/logging/logging.h"
#include "google_apis/gaia/gaia_constants.h"
#include "net/base/load_flags.h"
#include "services/network/public/cpp/resource_request.h"
#include "services/network/public/cpp/shared_url_loader_factory.h"
#include "services/network/public/cpp/simple_url_loader.h"
#include "third_party/icu/source/common/unicode/locid.h"
#include "url/gurl.h"
namespace {
namespace tachyon_proto = nearbyshare::tachyon_proto;
const char kIceConfigApiUrl[] =
"https://instantmessaging-pa.googleapis.com/v1/peertopeer:geticeserver";
const char kAuthorizationHeaderFormat[] = "Authorization: Bearer %s";
// Timeout for network calls to Tachyon servers.
constexpr base::TimeDelta kNetworkTimeout = base::Seconds(4);
// Response with 2 ice server configs takes ~1KB. A loose upper bound of 16KB is
// chosen to avoid breaking the flow in case the response has longer URLs in ice
// configs.
constexpr int kMaxBodySize = 16 * 1024;
const char kAppName[] = "Nearby";
const tachyon_proto::IdType::Type kTachyonIdType =
tachyon_proto::IdType::NEARBY_ID;
constexpr int kMajorVersion = 1;
constexpr int kMinorVersion = 24;
constexpr int kPointVersion = 0;
const net::NetworkTrafficAnnotationTag kTrafficAnnotation =
net::DefineNetworkTrafficAnnotation("tachyon_ice_config_fetcher", R"(
semantics {
sender: "TachyonIceConfigFetcher"
description:
"Fetches ice server configurations for p2p webrtc connection as "
"described in "
"https://www.w3.org/TR/webrtc/#rtciceserver-dictionary."
trigger:
"User uses any Chrome cross-device sharing feature and selects one"
" of their devices to send the data to."
data: "No data is sent in the request."
destination: GOOGLE_OWNED_SERVICE
}
policy {
cookies_allowed: NO
setting:
"Users can disable this behavior by signing out of Chrome."
chrome_policy {
BrowserSignin {
policy_options {mode: MANDATORY}
BrowserSignin: 0
}
}
})");
// Returns the ISO country code for the locale currently set as the
// user's device language.
const std::string GetCurrentCountryCode() {
return icu::Locale::getDefault().getCountry();
}
void BuildLocationHint(tachyon_proto::LocationHint* location_hint,
const std::string& location,
tachyon_proto::LocationStandard_Format format) {
location_hint->set_location(location);
location_hint->set_format(format);
}
void BuildId(tachyon_proto::Id* req_id, const std::string& id) {
DCHECK(req_id);
req_id->set_id(id);
req_id->set_app(kAppName);
req_id->set_type(kTachyonIdType);
BuildLocationHint(req_id->mutable_location_hint(), GetCurrentCountryCode(),
tachyon_proto::LocationStandard_Format::
LocationStandard_Format_ISO_3166_1_ALPHA_2);
}
void BuildHeader(tachyon_proto::RequestHeader* header) {
DCHECK(header);
header->set_request_id(base::UnguessableToken::Create().ToString());
header->set_app(kAppName);
BuildId(header->mutable_requester_id(), std::string());
tachyon_proto::ClientInfo* info = header->mutable_client_info();
info->set_api_version(tachyon_proto::ApiVersion::V4);
info->set_platform_type(tachyon_proto::Platform::DESKTOP);
info->set_major(kMajorVersion);
info->set_minor(kMinorVersion);
info->set_point(kPointVersion);
}
tachyon_proto::GetICEServerRequest BuildRequest() {
tachyon_proto::GetICEServerRequest request;
BuildHeader(request.mutable_header());
return request;
}
void RecordResultMetric(const ash::nearby::NearbyHttpStatus& http_status) {
bool success = http_status.IsSuccess();
base::UmaHistogramBoolean(
"Nearby.Connections.InstantMessaging.TachyonIceConfigFetcher.Result",
success);
if (!success) {
base::UmaHistogramSparse(
"Nearby.Connections.InstantMessaging.TachyonIceConfigFetcher."
"FailureReason",
http_status.GetResultCodeForMetrics());
}
}
void RecordCacheHitMetric(bool cache_hit) {
base::UmaHistogramBoolean(
"Nearby.Connections.InstantMessaging.TachyonIceConfigFetcher.CacheHit",
cache_hit);
}
void RecordTokenFetchSuccessMetric(bool token_fetch_successful) {
base::UmaHistogramBoolean(
"Nearby.Connections.InstantMessaging.TachyonIceConfigFetcher."
"OAuthTokenFetchResult",
token_fetch_successful);
}
bool IsLoaderSuccessful(const network::SimpleURLLoader* loader,
const std::string& request_id) {
DCHECK(loader);
ash::nearby::NearbyHttpStatus status =
ash::nearby::NearbyHttpStatus(loader->NetError(), loader->ResponseInfo());
RecordResultMetric(status);
if (!status.IsSuccess()) {
CD_LOG(ERROR, Feature::NEARBY_INFRA)
<< "TachyonIceConfigFetcher (request_id=" << request_id << ") "
<< status << " " << status.GetResultCodeForMetrics();
return false;
}
CD_LOG(VERBOSE, Feature::NEARBY_INFRA)
<< "TachyonIceConfigFetcher (request_id=" << request_id
<< ") GetIceServers succeeded";
return true;
}
std::vector<::sharing::mojom::IceServerPtr> GetDefaultIceServers() {
::sharing::mojom::IceServerPtr ice_server(::sharing::mojom::IceServer::New());
ice_server->urls.emplace_back("stun:stun.l.google.com:19302");
ice_server->urls.emplace_back("stun:stun1.l.google.com:19302");
ice_server->urls.emplace_back("stun:stun2.l.google.com:19302");
ice_server->urls.emplace_back("stun:stun3.l.google.com:19302");
ice_server->urls.emplace_back("stun:stun4.l.google.com:19302");
std::vector<::sharing::mojom::IceServerPtr> default_servers;
default_servers.push_back(std::move(ice_server));
return default_servers;
}
std::vector<::sharing::mojom::IceServerPtr> CloneIceServerList(
const std::vector<::sharing::mojom::IceServerPtr>& server_list) {
// Cannot use vector's default copy operation because IceServerPtr is move
// only and has to be cloned.
std::vector<::sharing::mojom::IceServerPtr> new_list;
for (const auto& server : server_list) {
new_list.push_back(server.Clone());
}
return new_list;
}
void OnOAuthTokenFetched(
std::unique_ptr<TokenFetcher> token_fetcher,
base::OnceCallback<void(const std::string& token)> callback,
const std::string& token) {
// It is safe to reset the token fetcher now.
token_fetcher.reset();
// Note: We do not do anything special for empty tokens.
RecordTokenFetchSuccessMetric(/*token_fetch_successful=*/!token.empty());
std::move(callback).Run(token);
}
void GetAccessToken(
signin::IdentityManager* identity_manager,
base::OnceCallback<void(const std::string& token)> callback) {
std::unique_ptr<TokenFetcher> token_fetcher =
std::make_unique<TokenFetcher>(identity_manager);
TokenFetcher* token_fetcher_ptr = token_fetcher.get();
// Pass the token fetcher in the closure so that its lifetime is the same as
// the request. The access token is cached by the identity manager, so no
// caching is necessary here.
token_fetcher_ptr->GetAccessToken(base::BindOnce(
&OnOAuthTokenFetched, std::move(token_fetcher), std::move(callback)));
}
} // namespace
TachyonIceConfigFetcher::TachyonIceConfigFetcher(
signin::IdentityManager* identity_manager,
scoped_refptr<network::SharedURLLoaderFactory> url_loader_factory)
: identity_manager_(identity_manager),
url_loader_factory_(std::move(url_loader_factory)) {}
TachyonIceConfigFetcher::~TachyonIceConfigFetcher() = default;
void TachyonIceConfigFetcher::GetIceServers(GetIceServersCallback callback) {
// If a previous request cached the ICE servers and the expiration time hasn't
// lapsed, return a copy of the cached servers immediately.
if (ice_server_cache_ && ice_server_cache_expiration_ >= base::Time::Now()) {
CD_LOG(VERBOSE, Feature::NEARBY_INFRA)
<< "TachyonIceConfigFetcher returning cached ice servers";
std::move(callback).Run(CloneIceServerList(*ice_server_cache_));
RecordCacheHitMetric(/*cache_hit=*/true);
return;
}
GetAccessToken(
identity_manager_,
base::BindOnce(&TachyonIceConfigFetcher::GetIceServersWithToken,
weak_ptr_factory_.GetWeakPtr(), std::move(callback)));
RecordCacheHitMetric(/*cache_hit=*/false);
}
void TachyonIceConfigFetcher::GetIceServersWithToken(
GetIceServersCallback callback,
const std::string& token) {
if (token.empty()) {
CD_LOG(ERROR, Feature::NEARBY_INFRA)
<< "TachyonIceConfigFetcher failed to fetch OAuth access token, "
"returning default ICE servers";
std::move(callback).Run(GetDefaultIceServers());
return;
}
auto resource_request = std::make_unique<network::ResourceRequest>();
resource_request->url = GURL(kIceConfigApiUrl);
resource_request->load_flags =
net::LOAD_BYPASS_CACHE | net::LOAD_DISABLE_CACHE;
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
resource_request->method = net::HttpRequestHeaders::kPostMethod;
resource_request->headers.AddHeaderFromString(
base::StringPrintf(kAuthorizationHeaderFormat, token.c_str()));
tachyon_proto::GetICEServerRequest request = BuildRequest();
const std::string& request_id = request.header().request_id();
auto url_loader = network::SimpleURLLoader::Create(
std::move(resource_request), kTrafficAnnotation);
auto* url_loader_ptr = url_loader.get();
url_loader->SetTimeoutDuration(kNetworkTimeout);
url_loader->AttachStringForUpload(request.SerializeAsString(),
"application/x-protobuf");
CD_LOG(VERBOSE, Feature::NEARBY_INFRA)
<< __func__
<< ": Requesting ICE Servers from Tachyon (request_id=" << request_id
<< ")";
url_loader_ptr->DownloadToString(
url_loader_factory_.get(),
base::BindOnce(&TachyonIceConfigFetcher::OnIceServersResponse,
weak_ptr_factory_.GetWeakPtr(), std::move(callback),
request_id, std::move(url_loader)),
kMaxBodySize);
}
void TachyonIceConfigFetcher::OnIceServersResponse(
::sharing::mojom::IceConfigFetcher::GetIceServersCallback callback,
const std::string& request_id,
std::unique_ptr<network::SimpleURLLoader> url_loader,
std::unique_ptr<std::string> response_body) {
std::vector<::sharing::mojom::IceServerPtr> ice_servers;
if (IsLoaderSuccessful(url_loader.get(), request_id) && response_body)
ice_servers = ParseIceServersResponse(*response_body, request_id);
sharing::LogWebRtcIceConfigFetched(ice_servers.size());
if (ice_servers.empty()) {
CD_LOG(VERBOSE, Feature::NEARBY_INFRA)
<< "TachyonIceConfigFetcher (request_id=" << request_id
<< ") empty response, returning default ICE servers";
ice_servers = GetDefaultIceServers();
}
std::move(callback).Run(std::move(ice_servers));
}
std::vector<::sharing::mojom::IceServerPtr>
TachyonIceConfigFetcher::ParseIceServersResponse(
const std::string& serialized_proto,
const std::string& request_id) {
std::vector<::sharing::mojom::IceServerPtr> servers_mojo;
tachyon_proto::GetICEServerResponse response;
if (!response.ParseFromString(serialized_proto)) {
CD_LOG(ERROR, Feature::NEARBY_INFRA)
<< __func__ << ": (request_id=" << request_id
<< ") Failed to parse response";
return servers_mojo;
}
const tachyon_proto::ICEConfiguration& ice_config = response.ice_config();
for (const tachyon_proto::ICEServerList& server : ice_config.ice_servers()) {
if (!server.urls_size())
continue;
::sharing::mojom::IceServerPtr server_mojo(
::sharing::mojom::IceServer::New());
for (const std::string& url : server.urls()) {
server_mojo->urls.emplace_back(url);
}
if (!server.username().empty())
server_mojo->username.emplace(server.username());
if (!server.credential().empty())
server_mojo->credential.emplace(server.credential());
servers_mojo.push_back(std::move(server_mojo));
}
if (ice_config.has_lifetime_duration()) {
ice_server_cache_ = CloneIceServerList(servers_mojo);
ice_server_cache_expiration_ =
base::Time::Now() +
base::Seconds(ice_config.lifetime_duration().seconds());
}
return servers_mojo;
}
Codebase Browser
chromium