diff options
| -rw-r--r-- | core/java/android/webkit/ClientCertRequest.java | 80 | ||||
| -rw-r--r-- | core/java/android/webkit/WebView.java | 19 | ||||
| -rw-r--r-- | core/java/android/webkit/WebViewClient.java | 26 | ||||
| -rw-r--r-- | core/java/android/webkit/WebViewProvider.java | 2 |
4 files changed, 126 insertions, 1 deletions
diff --git a/core/java/android/webkit/ClientCertRequest.java b/core/java/android/webkit/ClientCertRequest.java new file mode 100644 index 000000000000..89517863d212 --- /dev/null +++ b/core/java/android/webkit/ClientCertRequest.java @@ -0,0 +1,80 @@ +/* + * Copyright (C) 2014 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package android.webkit; + +import java.security.Principal; +import java.security.PrivateKey; +import java.security.cert.X509Certificate; + +/** + * ClientCertRequest: The user receives an instance of this class as + * a parameter of {@link WebViewClient#onReceivedClientCertRequest}. + * The request includes the parameters to choose the client certificate, + * such as the host name and the port number requesting the cert, the acceptable + * key types and the principals. + * + * The user should call one of the interface methods to indicate how to deal + * with the client certificate request. All methods should be called on + * UI thread. + * + * WebView caches the {@link #proceed} and {@link #cancel} responses in memory + * and uses them to handle future client certificate requests for the same + * host/port pair. The user can clear the cached data using + * {@link WebView#clearClientCertPreferences}. + * + * TODO(sgurun) unhide + * @hide + */ +public interface ClientCertRequest { + /** + * Returns the acceptable types of asymmetric keys (can be null). + */ + public String[] getKeyTypes(); + + /** + * Returns the acceptable certificate issuers for the certificate + * matching the private key (can be null). + */ + public Principal[] getPrincipals(); + + /** + * Returns the host name of the server requesting the certificate. + */ + public String getHost(); + + /** + * Returns the port number of the server requesting the certificate. + */ + public int getPort(); + + /** + * Proceed with the specified private key and client certificate chain. + * Remember the user's positive choice and use it for future requests. + */ + public void proceed(PrivateKey privateKey, X509Certificate[] chain); + + /** + * Ignore the request for now. Do not remember user's choice. + */ + public void ignore(); + + /** + * Cancel this request. Remember the user's choice and use it for + * future requests. + */ + public void cancel(); +} diff --git a/core/java/android/webkit/WebView.java b/core/java/android/webkit/WebView.java index d2e7324f7518..cf9539eaed78 100644 --- a/core/java/android/webkit/WebView.java +++ b/core/java/android/webkit/WebView.java @@ -485,7 +485,7 @@ public class WebView extends AbsoluteLayout * @param privateBrowsing whether this WebView will be initialized in * private mode * - * @deprecated Private browsing is no longer supported directly via + * @deprecated Private browsing is no longer supported directly via * WebView and will be removed in a future release. Prefer using * {@link WebSettings}, {@link WebViewDatabase}, {@link CookieManager} * and {@link WebStorage} for fine-grained control of privacy data. @@ -1476,6 +1476,23 @@ public class WebView extends AbsoluteLayout } /** + * Clears the client certificate preferences table stored in response + * to proceeding/cancelling client cert requests. Note that webview + * automatically clears these preferences when it receives a + * {@link KeyChain.ACTION_STORAGE_CHANGED} + * + * @param resultCallback A callback to be invoked when client certs are cleared. + * + * TODO(sgurun) unhide + * @hide + */ + public void clearClientCertPreferences(ValueCallback<Void> resultCallback) { + checkThread(); + if (DebugFlags.TRACE_API) Log.d(LOGTAG, "clearClientCertPreferences"); + mProvider.clearClientCertPreferences(resultCallback); + } + + /** * Gets the WebBackForwardList for this WebView. This contains the * back/forward list for use in querying each item in the history stack. * This is a copy of the private WebBackForwardList so it contains only a diff --git a/core/java/android/webkit/WebViewClient.java b/core/java/android/webkit/WebViewClient.java index e8974c6cda33..688c2518bf67 100644 --- a/core/java/android/webkit/WebViewClient.java +++ b/core/java/android/webkit/WebViewClient.java @@ -22,6 +22,8 @@ import android.os.Message; import android.view.KeyEvent; import android.view.ViewRootImpl; +import java.security.Principal; + public class WebViewClient { /** @@ -205,6 +207,30 @@ public class WebViewClient { } /** + * Notify the host application to handle a SSL client certificate + * request. The host application is responsible for showing the UI + * if desired and providing the keys. There are three ways to + * respond: proceed(), cancel() or ignore(). Webview remembers the + * response if proceed() or cancel() is called and does not + * call onReceivedClientCertRequest() again for the same host and port + * pair. Webview does not remember the response if ignore() is called. + * + * This method is called on the UI thread. During the callback, the + * connection is suspended. + * + * The default behavior is to cancel, returning no client certificate. + * + * @param view The WebView that is initiating the callback + * @param request An instance of a {@link ClientCertRequest} + * + * TODO(sgurun) unhide + * @hide + */ + public void onReceivedClientCertRequest(WebView view, ClientCertRequest request) { + request.cancel(); + } + + /** * Notifies the host application that the WebView received an HTTP * authentication request. The host application can use the supplied * {@link HttpAuthHandler} to set the WebView's response to the request. diff --git a/core/java/android/webkit/WebViewProvider.java b/core/java/android/webkit/WebViewProvider.java index 5081ff578b4a..efa5497e2104 100644 --- a/core/java/android/webkit/WebViewProvider.java +++ b/core/java/android/webkit/WebViewProvider.java @@ -198,6 +198,8 @@ public interface WebViewProvider { public void clearSslPreferences(); + public void clearClientCertPreferences(ValueCallback<Void> resultCallback); + public WebBackForwardList copyBackForwardList(); public void setFindListener(WebView.FindListener listener); |