[FedCM] Implement revocation part 1

This CL implements: * IDL changes needed for revocation * Plumbing of revocation request to the browser * Plumbing of revocation request to the network manager A future CL will implement the actual logic to check and modify the sharing permissions. UKM doc: https://docs.google.com/document/d/1cWxkjfblChxEtCcG4U0KdVeIlAjDm0alyvjuFhDOD2I/edit Bug: 1473134 Change-Id: I3374727e1aa199981912f0f81b4740d48bfb8b9b Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4949250 Reviewed-by: Alexander Timin <altimin@chromium.org> Reviewed-by: Yi Gu <yigu@chromium.org> Reviewed-by: Christian Biesinger <cbiesinger@chromium.org> Reviewed-by: Robert Sesek <rsesek@chromium.org> Commit-Queue: Christian Biesinger <cbiesinger@chromium.org> Reviewed-by: Jesse Doherty <jwd@chromium.org> Auto-Submit: Nicolás Peña <npm@chromium.org> Cr-Commit-Position: refs/heads/main@{#1215547}
chromium · Oct 26, 2023 · 1b6348f · 1b6348f
1 parent feb4941
commit 1b6348f
Show file tree

Hide file tree

Showing 43 changed files with 1,178 additions and 128 deletions.
diff --git a/chrome/browser/about_flags.cc b/chrome/browser/about_flags.cc
@@ -9059,6 +9059,10 @@ const FeatureEntry kFeatureEntries[] = {
      flag_descriptions::kFedCmMultiIdpDescription, kOsDesktop,
      FEATURE_VALUE_TYPE(features::kFedCmMultipleIdentityProviders)},
 
+    {"fedcm-revoke", flag_descriptions::kFedCmRevokeName,
+     flag_descriptions::kFedCmRevokeDescription, kOsAll,
+     FEATURE_VALUE_TYPE(features::kFedCmRevoke)},
+
     {"fedcm-selective-disclosure",
      flag_descriptions::kFedCmSelectiveDisclosureName,
      flag_descriptions::kFedCmSelectiveDisclosureDescription, kOsAll,

diff --git a/chrome/browser/flag-metadata.json b/chrome/browser/flag-metadata.json
@@ -4053,6 +4053,11 @@
     "owners": ["npm@chromium.org", "web-identity-eng@google.com"],
     "expiry_milestone": 125
   },
+  {
+    "name": "fedcm-revoke",
+    "owners": ["npm@chromium.org", "web-identity-eng@google.com"],
+    "expiry_milestone": 125
+  },
   {
     "name": "fedcm-selective-disclosure",
     "owners": ["goto@chromium.org", "web-identity-eng@google.com"],

diff --git a/chrome/browser/flag_descriptions.cc b/chrome/browser/flag_descriptions.cc
@@ -1634,6 +1634,11 @@ const char kFedCmMultiIdpDescription[] =
     "Allows the FedCM API to request multiple identity providers "
     "simultaneously. Requires FedCM to be enabled as well.";
 
+const char kFedCmRevokeName[] = "FedCmRevoke";
+const char kFedCmRevokeDescription[] =
+    "Enables the IdentityCredential.revoke() API which allows revoking "
+    "accounts created via federated login through FedCM.";
+
 const char kFedCmSelectiveDisclosureName[] = "FedCmSelectiveDisclosure";
 const char kFedCmSelectiveDisclosureDescription[] =
     "Allows a relying party to selectively request a set of identity "

diff --git a/chrome/browser/flag_descriptions.h b/chrome/browser/flag_descriptions.h
@@ -930,6 +930,9 @@ extern const char kFedCmLogoutRpsDescription[];
 extern const char kFedCmMultiIdpName[];
 extern const char kFedCmMultiIdpDescription[];
 
+extern const char kFedCmRevokeName[];
+extern const char kFedCmRevokeDescription[];
+
 extern const char kFedCmSelectiveDisclosureName[];
 extern const char kFedCmSelectiveDisclosureDescription[];
 

diff --git a/content/browser/BUILD.gn b/content/browser/BUILD.gn
@@ -2323,6 +2323,8 @@ source_set("browser") {
     "webid/federated_auth_request_impl.h",
     "webid/federated_auth_request_page_data.cc",
     "webid/federated_auth_request_page_data.h",
+    "webid/federated_auth_revoke_request.cc",
+    "webid/federated_auth_revoke_request.h",
     "webid/federated_auth_user_info_request.cc",
     "webid/federated_auth_user_info_request.h",
     "webid/federated_provider_fetcher.cc",

diff --git a/content/browser/webid/fedcm_metrics.cc b/content/browser/webid/fedcm_metrics.cc
@@ -391,6 +391,24 @@ void FedCmMetrics::RecordNumRequestsPerDocument(const int num_requests) {
                               num_requests);
 }
 
+void FedCmMetrics::RecordRevokeStatus(FedCmRevokeStatus status) {
+  if (is_disabled_) {
+    return;
+  }
+  auto RecordUkm = [&](auto& ukm_builder) {
+    ukm_builder.SetStatus_Revoke2(static_cast<int>(status));
+    ukm_builder.SetFedCmSessionID(session_id_);
+    ukm_builder.Record(ukm::UkmRecorder::Get());
+  };
+  ukm::builders::Blink_FedCm fedcm_builder(page_source_id_);
+  RecordUkm(fedcm_builder);
+
+  ukm::builders::Blink_FedCmIdp fedcm_idp_builder(provider_source_id_);
+  RecordUkm(fedcm_idp_builder);
+
+  base::UmaHistogramEnumeration("Blink.FedCm.Status.Revoke2", status);
+}
+
 void RecordPreventSilentAccess(RenderFrameHost& rfh,
                                PreventSilentAccessFrameType frame_type) {
   base::UmaHistogramEnumeration("Blink.FedCm.PreventSilentAccessFrameType",

diff --git a/content/browser/webid/fedcm_metrics.h b/content/browser/webid/fedcm_metrics.h
@@ -109,6 +109,33 @@ enum class PreventSilentAccessFrameType {
   kMaxValue = kCrossSiteIframe
 };
 
+// This enum describes the status of a revocation call to the FedCM API.
+enum class FedCmRevokeStatus {
+  // Don't change the meaning or the order of these values because they are
+  // being recorded in metrics and in sync with the counterpart in enums.xml.
+  kSuccess,
+  kTooManyRequests,
+  kUnhandledRequest,
+  kNoAccountToRevoke,
+  kRevokeUrlIsCrossOrigin,
+  kRevocationFailedOnServer,
+  kConfigHttpNotFound,
+  kConfigNoResponse,
+  kConfigInvalidResponse,
+  kDisabledInSettings,
+  kDisabledInFlags,
+  kWellKnownHttpNotFound,
+  kWellKnownNoResponse,
+  kWellKnownInvalidResponse,
+  kWellKnownListEmpty,
+  kConfigNotInWellKnown,
+  kWellKnownTooBig,
+  kWellKnownInvalidContentType,
+  kConfigInvalidContentType,
+
+  kMaxValue = kConfigInvalidContentType
+};
+
 class CONTENT_EXPORT FedCmMetrics {
  public:
   FedCmMetrics(const GURL& provider,
@@ -207,6 +234,9 @@ class CONTENT_EXPORT FedCmMetrics {
   // FedCM request or for the purpose of MDocs or multi-IDP are not counted.
   void RecordNumRequestsPerDocument(const int num_requests);
 
+  // Records the status of the |Revoke| call.
+  void RecordRevokeStatus(FedCmRevokeStatus status);
+
  private:
   // The page's SourceId. Used to log the UKM event Blink.FedCm.
   ukm::SourceId page_source_id_;