Refactor connection_security into SecurityStateModel

This CL refactors the connection_security namespace (a namespace of
statics) into SecurityStateModel, a class attached to a WebContents that
drives the security UI for that WebContents. The SecurityStateModel
provides high-level security information about a page or request, with
the goal of reducing code duplication across various security UI
elements.

In this first CL, I've introduced the SecurityStateModel and am using it
to drive the omnibox/lock icon, but have not yet adapted WebsiteSettings
to use a SecurityStateModel.

BUG=528034
TBR=sky@chromium.org

Review URL: https://codereview.chromium.org/1314843007

Cr-Commit-Position: refs/heads/master@{#347775}

chrome/android/BUILD.gn

@@ -178,7 +178,7 @@ android_library("chrome_java") {
 # GYP: //chrome/chrome_browser.gypi:connectivity_check_result_java
 # GYP: //chrome/chrome_browser.gypi:shortcut_source_java
 # GYP: //chrome/chrome_browser.gypi:profile_account_management_metrics_java
-# GYP: //chrome/chrome_browser.gypi:connection_security_security_levels_java
+# GYP: //chrome/chrome_browser.gypi:connection_security_levels_java
 # GYP: //chrome/chrome_browser.gypi:tab_load_status_java
 # GYP: //chrome/chrome_browser.gypi:infobar_action_type_java
 java_cpp_enum("chrome_android_java_enums_srcjar") {
@@ -188,7 +188,7 @@ java_cpp_enum("chrome_android_java_enums_srcjar") {
     "//chrome/browser/android/shortcut_info.h",
     "//chrome/browser/android/tab_android.h",
     "//chrome/browser/profiles/profile_metrics.h",
-    "//chrome/browser/ssl/connection_security.h",
+    "//chrome/browser/ssl/security_state_model.h",
     "//chrome/browser/ui/android/infobars/infobar_android.h",
   ]
   outputs = [

chrome/android/java/src/org/chromium/chrome/browser/BluetoothChooserDialog.java

@@ -40,7 +40,7 @@ public class BluetoothChooserDialog implements ItemChooserDialog.ItemSelectedCal
     String mOrigin;
 
     // The security level of the connection to the site wanting to pair with the
-    // bluetooth devices. For valid values see connection_security::SecurityLevel.
+    // bluetooth devices. For valid values see SecurityStateModel::SecurityLevel.
     int mSecurityLevel;
 
     // A pointer back to the native part of the implementation for this dialog.

chrome/android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java

@@ -49,9 +49,8 @@
 import org.chromium.chrome.browser.preferences.PreferencesLauncher;
 import org.chromium.chrome.browser.preferences.website.SingleWebsitePreferences;
 import org.chromium.chrome.browser.profiles.Profile;
-import org.chromium.chrome.browser.ssl.ConnectionSecurity;
 import org.chromium.chrome.browser.ssl.ConnectionSecurityLevel;
-import org.chromium.chrome.browser.toolbar.ToolbarModel;
+import org.chromium.chrome.browser.ssl.SecurityStateModel;
 import org.chromium.content.browser.ContentViewCore;
 import org.chromium.content_public.browser.WebContents;
 import org.chromium.content_public.browser.WebContentsObserver;
@@ -255,9 +254,12 @@ private boolean updateMaxLines() {
     // The security level of the page (a valid ConnectionSecurityLevel).
     private int mSecurityLevel;
 
-    // Whether the security level of the page was deprecated due to SHA-1.
+    // Whether the security level of the page was downgraded due to SHA-1.
     private boolean mDeprecatedSHA1Present;
 
+    // Whether the security level of the page was downgraded due to passive mixed content.
+    private boolean mPassiveMixedContentPresent;
+
     // Permissions available to be displayed in mPermissionsList.
     private List<PageInfoPermissionEntry> mDisplayedPermissions;
 
@@ -387,8 +389,9 @@ public void onDismiss(DialogInterface dialog) {
             mParsedUrl = null;
             mIsInternalPage = false;
         }
-        mSecurityLevel = ConnectionSecurity.getSecurityLevelForWebContents(mWebContents);
-        mDeprecatedSHA1Present = ToolbarModel.isDeprecatedSHA1Present(mWebContents);
+        mSecurityLevel = SecurityStateModel.getSecurityLevelForWebContents(mWebContents);
+        mDeprecatedSHA1Present = SecurityStateModel.isDeprecatedSHA1Present(mWebContents);
+        mPassiveMixedContentPresent = SecurityStateModel.isPassiveMixedContentPresent(mWebContents);
 
         SpannableStringBuilder urlBuilder = new SpannableStringBuilder(mFullUrl);
         OmniboxUrlEmphasizer.emphasizeUrl(urlBuilder, mContext.getResources(), mProfile,
@@ -466,9 +469,6 @@ private int getConnectionMessageId(int securityLevel, boolean isInternalPage) {
             case ConnectionSecurityLevel.SECURE:
             case ConnectionSecurityLevel.EV_SECURE:
                 return R.string.page_info_connection_https;
-            case ConnectionSecurityLevel.SECURITY_WARNING:
-            case ConnectionSecurityLevel.SECURITY_POLICY_WARNING:
-                return R.string.page_info_connection_mixed;
             default:
                 assert false : "Invalid security level specified: " + securityLevel;
                 return R.string.page_info_connection_http;
@@ -492,7 +492,12 @@ private Spannable getUrlConnectionMessage() {
         if (mDeprecatedSHA1Present) {
             messageBuilder.append(
                     mContext.getResources().getString(R.string.page_info_connection_sha1));
-        } else if (mSecurityLevel != ConnectionSecurityLevel.SECURITY_ERROR) {
+        } else if (mPassiveMixedContentPresent) {
+            messageBuilder.append(
+                    mContext.getResources().getString(R.string.page_info_connection_mixed));
+        } else if (mSecurityLevel != ConnectionSecurityLevel.SECURITY_ERROR
+                && mSecurityLevel != ConnectionSecurityLevel.SECURITY_WARNING
+                && mSecurityLevel != ConnectionSecurityLevel.SECURITY_POLICY_WARNING) {
             messageBuilder.append(mContext.getResources().getString(
                     getConnectionMessageId(mSecurityLevel, mIsInternalPage)));
         } else {

chrome/android/java/src/org/chromium/chrome/browser/ssl/SecurityStateModel.java

@@ -0,0 +1,49 @@
+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+package org.chromium.chrome.browser.ssl;
+
+import org.chromium.content_public.browser.WebContents;
+
+/**
+ * Provides a way of accessing helpers for page security state.
+ */
+public class SecurityStateModel {
+    /**
+     * Fetch the security level for a given web contents.
+     *
+     * @param webContents The web contents to get the security level for.
+     * @return The ConnectionSecurityLevel for the specified web contents.
+     *
+     * @see ConnectionSecurityLevel
+     */
+    public static int getSecurityLevelForWebContents(WebContents webContents) {
+        if (webContents == null) return ConnectionSecurityLevel.NONE;
+        return nativeGetSecurityLevelForWebContents(webContents);
+    }
+
+    /**
+     * @param webContents The web contents to query for deprecated SHA-1 presence.
+     * @return Whether the security level of the page was deprecated due to SHA-1.
+     */
+    public static boolean isDeprecatedSHA1Present(WebContents webContents) {
+        if (webContents == null) return false;
+        return nativeIsDeprecatedSHA1Present(webContents);
+    }
+
+    /**
+     * @param webContents The web contents to query for passive mixed content presence.
+     * @return Whether the page contains passive mixed content.
+     */
+    public static boolean isPassiveMixedContentPresent(WebContents webContents) {
+        if (webContents == null) return false;
+        return nativeIsPassiveMixedContentPresent(webContents);
+    }
+
+    private SecurityStateModel() {}
+
+    private static native int nativeGetSecurityLevelForWebContents(WebContents webContents);
+    private static native boolean nativeIsDeprecatedSHA1Present(WebContents webContents);
+    private static native boolean nativeIsPassiveMixedContentPresent(WebContents webContents);
+}

chrome/android/java/src/org/chromium/chrome/browser/tab/Tab.java

@@ -59,8 +59,8 @@
 import org.chromium.chrome.browser.printing.TabPrinter;
 import org.chromium.chrome.browser.profiles.Profile;
 import org.chromium.chrome.browser.snackbar.SnackbarManager;
-import org.chromium.chrome.browser.ssl.ConnectionSecurity;
 import org.chromium.chrome.browser.ssl.ConnectionSecurityLevel;
+import org.chromium.chrome.browser.ssl.SecurityStateModel;
 import org.chromium.chrome.browser.tab.TabUma.TabCreationState;
 import org.chromium.chrome.browser.tabmodel.TabModel.TabLaunchType;
 import org.chromium.chrome.browser.tabmodel.TabModel.TabSelectionType;
@@ -1224,7 +1224,7 @@ public boolean getUseDesktopUserAgent() {
      */
     // TODO(tedchoc): Remove this and transition all clients to use ToolbarModel directly.
     public int getSecurityLevel() {
-        return ConnectionSecurity.getSecurityLevelForWebContents(getWebContents());
+        return SecurityStateModel.getSecurityLevelForWebContents(getWebContents());
     }
 
     /**

chrome/android/java/src/org/chromium/chrome/browser/toolbar/ToolbarModel.java

@@ -25,15 +25,6 @@ public interface ToolbarModelDelegate {
 
     private long mNativeToolbarModelAndroid;
 
-    /**
-     * @param webContents The web contents to query for deprecated SHA-1 presence.
-     * @return Whether the security level of the page was deprecated due to SHA-1.
-     */
-    public static boolean isDeprecatedSHA1Present(WebContents webContents) {
-        if (webContents == null) return false;
-        return nativeIsDeprecatedSHA1Present(webContents);
-    }
-
     /**
      * Initialize the native counterpart of this model.
      * @param delegate The delegate that will be used by the model.
@@ -69,8 +60,6 @@ public boolean wouldReplaceURL() {
         return nativeWouldReplaceURL(mNativeToolbarModelAndroid);
     }
 
-    private static native boolean nativeIsDeprecatedSHA1Present(WebContents webContents);
-
     private native long nativeInit(ToolbarModelDelegate delegate);
     private native void nativeDestroy(long nativeToolbarModelAndroid);
     private native String nativeGetText(long nativeToolbarModelAndroid);

chrome/browser/android/chrome_jni_registrar.cc

@@ -100,7 +100,7 @@
 #include "chrome/browser/signin/oauth2_token_service_delegate_android.h"
 #include "chrome/browser/speech/tts_android.h"
 #include "chrome/browser/spellchecker/spellchecker_session_bridge_android.h"
-#include "chrome/browser/ssl/connection_security_android.h"
+#include "chrome/browser/ssl/security_state_model_android.h"
 #include "chrome/browser/supervised_user/child_accounts/child_account_feedback_reporter_android.h"
 #include "chrome/browser/supervised_user/child_accounts/child_account_service_android.h"
 #include "chrome/browser/sync/profile_sync_service_android.h"
@@ -219,7 +219,7 @@ static base::android::RegistrationMethod kChromeRegisteredMethods[] = {
     {"ConfirmInfoBarDelegate", RegisterConfirmInfoBarDelegate},
     {"ConnectionInfoPopupAndroid",
      ConnectionInfoPopupAndroid::RegisterConnectionInfoPopupAndroid},
-    {"ConnectionSecurity", RegisterConnectionSecurityAndroid},
+    {"SecurityStateModel", RegisterSecurityStateModelAndroid},
     {"ConnectivityChecker", RegisterConnectivityChecker},
     {"ContextMenuHelper", RegisterContextMenuHelper},
     {"ContextualSearchManager", RegisterContextualSearchManager},

chrome/browser/android/chrome_web_contents_delegate_android.cc

@@ -17,6 +17,7 @@
 #include "chrome/browser/prerender/prerender_manager.h"
 #include "chrome/browser/prerender/prerender_manager_factory.h"
 #include "chrome/browser/profiles/profile.h"
+#include "chrome/browser/ssl/security_state_model.h"
 #include "chrome/browser/ui/android/bluetooth_chooser_android.h"
 #include "chrome/browser/ui/blocked_content/popup_blocker_tab_helper.h"
 #include "chrome/browser/ui/browser_navigator.h"
@@ -114,6 +115,17 @@ ChromeWebContentsDelegateAndroid::RunBluetoothChooser(
       new BluetoothChooserAndroid(web_contents, event_handler, origin));
 }
 
+void ChromeWebContentsDelegateAndroid::VisibleSSLStateChanged(
+    content::WebContents* web_contents) {
+  DCHECK(web_contents);
+  // Notify the model that the security state has changed, so that the
+  // URL bar updates with up-to-date data computed by the model.
+  SecurityStateModel* model = SecurityStateModel::FromWebContents(web_contents);
+  DCHECK(model);
+  model->SecurityStateChanged();
+  WebContentsDelegateAndroid::VisibleSSLStateChanged(web_contents);
+}
+
 void ChromeWebContentsDelegateAndroid::CloseContents(
     WebContents* web_contents) {
   // Prevent dangling registrations assigned to closed web contents.

chrome/browser/android/chrome_web_contents_delegate_android.h

@@ -46,6 +46,8 @@ class ChromeWebContentsDelegateAndroid
       content::WebContents* web_contents,
       const content::BluetoothChooser::EventHandler& event_handler,
       const GURL& origin) override;
+
+  void VisibleSSLStateChanged(content::WebContents* source) override;
   void CloseContents(content::WebContents* web_contents) override;
   blink::WebDisplayMode GetDisplayMode(
       const content::WebContents* web_contents) const override;

chrome/browser/chromeos/login/ui/simple_web_view_dialog.cc

@@ -14,6 +14,7 @@
 #include "chrome/browser/command_updater.h"
 #include "chrome/browser/password_manager/chrome_password_manager_client.h"
 #include "chrome/browser/profiles/profile.h"
+#include "chrome/browser/ssl/security_state_model.h"
 #include "chrome/browser/ui/autofill/chrome_autofill_client.h"
 #include "chrome/browser/ui/browser.h"
 #include "chrome/browser/ui/content_settings/content_setting_bubble_model_delegate.h"
@@ -159,6 +160,9 @@ void SimpleWebViewDialog::StartLoad(const GURL& url) {
 }
 
 void SimpleWebViewDialog::Init() {
+  // Create the security state model that the toolbar model needs.
+  if (web_view_->GetWebContents())
+    SecurityStateModel::CreateForWebContents(web_view_->GetWebContents());
   toolbar_model_.reset(new ToolbarModelImpl(this));
 
   set_background(views::Background::CreateSolidBackground(kDialogColor));