🤝 Wipe OriginVerifier persistent data when browsing data cleared.

Bug: 844043
Change-Id: I8a24df699cf697762cdbcc3ca9259f839c04d212
Reviewed-on: https://chromium-review.googlesource.com/1085053Reviewed-by: Benoit L <lizeb@chromium.org>
Reviewed-by: Bernhard Bauer <bauerb@chromium.org>
Reviewed-by: Martin Šrámek <msramek@chromium.org>
Commit-Queue: Peter Conn <peconn@chromium.org>
Cr-Commit-Position: refs/heads/master@{#564863}

chrome/android/java/src/org/chromium/chrome/browser/browserservices/OriginVerifier.java

@@ -38,6 +38,7 @@ import java.security.cert.CertificateEncodingException;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
+import java.util.Collections;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Locale;
@@ -386,6 +387,16 @@ public class OriginVerifier {
         return packageName + "," + origin + "," + relation;
     }
 
+    /**
+     * Removes any data about sites visited from static variables and Android Preferences.
+     */
+    @CalledByNative
+    public static void clearBrowsingData() {
+        ThreadUtils.assertOnUiThread();
+        if (sPackageToCachedOrigins != null) sPackageToCachedOrigins.clear();
+        ChromePreferenceManager.getInstance().setVerifiedDigitalAssetLinks(Collections.emptySet());
+    }
+
     private native long nativeInit(Profile profile);
     private native boolean nativeVerifyOrigin(long nativeOriginVerifier, String packageName,
             String signatureFingerprint, String origin, String relationship);

chrome/android/java/src/org/chromium/chrome/browser/preferences/privacy/ClearBrowsingDataPreferences.java

@@ -393,7 +393,7 @@ public abstract class ClearBrowsingDataPreferences extends PreferenceFragment
 
     /**
      * Called when clearing browsing data completes.
-     * Implements the ChromePreferences.OnClearBrowsingDataListener interface.
+     * Implements the BrowsingDataBridge.OnClearBrowsingDataListener interface.
      */
     @Override
     public void onBrowsingDataCleared() {

chrome/android/javatests/src/org/chromium/chrome/browser/browserservices/OriginVerifierTest.java

@@ -15,20 +15,33 @@ import org.junit.Test;
 import org.junit.runner.RunWith;
 
 import org.chromium.base.ThreadUtils;
-import org.chromium.base.test.BaseJUnit4ClassRunner;
+import org.chromium.base.test.util.CallbackHelper;
+import org.chromium.base.test.util.CommandLineFlags;
+import org.chromium.chrome.browser.ChromeActivity;
+import org.chromium.chrome.browser.ChromeSwitches;
 import org.chromium.chrome.browser.ChromeVersionInfo;
 import org.chromium.chrome.browser.browserservices.OriginVerifier.OriginVerificationListener;
-import org.chromium.content.browser.test.NativeLibraryTestRule;
-
+import org.chromium.chrome.browser.browsing_data.BrowsingDataType;
+import org.chromium.chrome.browser.browsing_data.TimePeriod;
+import org.chromium.chrome.browser.preferences.ChromePreferenceManager;
+import org.chromium.chrome.browser.preferences.privacy.BrowsingDataBridge;
+import org.chromium.chrome.test.ChromeActivityTestRule;
+import org.chromium.chrome.test.ChromeJUnit4ClassRunner;
+
+import java.util.HashSet;
+import java.util.Set;
 import java.util.concurrent.Callable;
 import java.util.concurrent.Semaphore;
 import java.util.concurrent.TimeUnit;
+import java.util.concurrent.TimeoutException;
 
 /** Tests for OriginVerifier. */
-@RunWith(BaseJUnit4ClassRunner.class)
+@RunWith(ChromeJUnit4ClassRunner.class)
+@CommandLineFlags.Add({ChromeSwitches.DISABLE_FIRST_RUN_EXPERIENCE})
 public class OriginVerifierTest {
     @Rule
-    public NativeLibraryTestRule mNativeLibraryTestRule = new NativeLibraryTestRule();
+    public ChromeActivityTestRule<ChromeActivity> mActivityTestRule =
+            new ChromeActivityTestRule<>(ChromeActivity.class);
 
     private static final long TIMEOUT_MS = 1000;
     private static final byte[] BYTE_ARRAY = new byte[] {(byte) 0xaa, (byte) 0xbb, (byte) 0xcc,
@@ -69,7 +82,7 @@ public class OriginVerifierTest {
 
     @Before
     public void setUp() throws Exception {
-        mNativeLibraryTestRule.loadNativeLibraryNoBrowserProcess();
+        mActivityTestRule.startMainActivityOnBlankPage();
 
         mHttpsOrigin = new Origin("https://www.example.com");
         mHttpOrigin = new Origin("http://www.android.com");
@@ -131,4 +144,27 @@ public class OriginVerifierTest {
         Assert.assertEquals(mLastPackageName, PACKAGE_NAME);
         Assert.assertEquals(mLastOrigin, mHttpsOrigin);
     }
+
+    @Test
+    @SmallTest
+    public void testWipedWithBrowsingData() throws InterruptedException, TimeoutException {
+        CallbackHelper callbackHelper = new CallbackHelper();
+
+        String relationship = "relationship1";
+        Set<String> savedLinks = new HashSet<>();
+        savedLinks.add(relationship);
+
+        ChromePreferenceManager preferences = ChromePreferenceManager.getInstance();
+
+        preferences.setVerifiedDigitalAssetLinks(savedLinks);
+        Assert.assertTrue(preferences.getVerifiedDigitalAssetLinks().contains(relationship));
+
+        ThreadUtils.runOnUiThreadBlocking(() -> {
+            BrowsingDataBridge.getInstance().clearBrowsingData(callbackHelper::notifyCalled,
+                    new int[] {BrowsingDataType.HISTORY}, TimePeriod.ALL_TIME);
+        });
+
+        callbackHelper.waitForCallback(0);
+        Assert.assertTrue(preferences.getVerifiedDigitalAssetLinks().isEmpty());
+    }
 }

chrome/browser/android/customtabs/origin_verifier.cc

@@ -22,6 +22,9 @@ using digital_asset_links::RelationshipCheckResult;
 
 namespace customtabs {
 
+// static variables are zero-initialized.
+int OriginVerifier::clear_browsing_data_call_count_for_tests_;
+
 OriginVerifier::OriginVerifier(JNIEnv* env,
                                const JavaRef<jobject>& obj,
                                const JavaRef<jobject>& jprofile) {
@@ -75,6 +78,19 @@ void OriginVerifier::Destroy(JNIEnv* env,
   delete this;
 }
 
+// static
+void OriginVerifier::ClearBrowsingData() {
+  JNIEnv* env = base::android::AttachCurrentThread();
+
+  Java_OriginVerifier_clearBrowsingData(env);
+  clear_browsing_data_call_count_for_tests_++;
+}
+
+// static
+int OriginVerifier::GetClearBrowsingDataCallCountForTesting() {
+  return clear_browsing_data_call_count_for_tests_;
+}
+
 static jlong JNI_OriginVerifier_Init(
     JNIEnv* env,
     const base::android::JavaParamRef<jobject>& obj,

chrome/browser/android/customtabs/origin_verifier.h

@@ -36,6 +36,8 @@ class OriginVerifier {
 
   void Destroy(JNIEnv* env, const base::android::JavaRef<jobject>& obj);
 
+  static void ClearBrowsingData();
+  static int GetClearBrowsingDataCallCountForTesting();
  private:
   void OnRelationshipCheckComplete(
       digital_asset_links::RelationshipCheckResult result);
@@ -45,6 +47,8 @@ class OriginVerifier {
 
   base::android::ScopedJavaGlobalRef<jobject> jobject_;
 
+  static int clear_browsing_data_call_count_for_tests_;
+
   DISALLOW_COPY_AND_ASSIGN(OriginVerifier);
 };
 

chrome/browser/browsing_data/chrome_browsing_data_remover_delegate.cc

@@ -95,6 +95,7 @@
 #include "net/http/http_transaction_factory.h"
 
 #if defined(OS_ANDROID)
+#include "chrome/browser/android/customtabs/origin_verifier.h"
 #include "chrome/browser/android/oom_intervention/oom_intervention_decider.h"
 #include "chrome/browser/android/search_permissions/search_permissions_service.h"
 #include "chrome/browser/android/webapps/webapp_registry.h"
@@ -539,6 +540,10 @@ void ChromeBrowsingDataRemoverDelegate::RemoveEmbedderData(
     // Clear the history information (last launch time and origin URL) of any
     // registered webapps.
     webapp_registry_->ClearWebappHistoryForUrls(filter);
+
+    // The OriginVerifier caches origins for Trusted Web Activities that have
+    // been verified and stores them in Android Preferences.
+    customtabs::OriginVerifier::ClearBrowsingData();
 #endif
 
     data_reduction_proxy::DataReductionProxySettings*

chrome/browser/browsing_data/chrome_browsing_data_remover_delegate_unittest.cc

@@ -92,6 +92,7 @@
 #include "ui/gfx/favicon_size.h"
 
 #if defined(OS_ANDROID)
+#include "chrome/browser/android/customtabs/origin_verifier.h"
 #include "chrome/browser/android/search_permissions/search_permissions_service.h"
 #include "chrome/browser/android/webapps/webapp_registry.h"
 #else  // !defined(OS_ANDROID)
@@ -2931,3 +2932,16 @@ TEST_F(ChromeBrowsingDataRemoverDelegateTest, AllTypesAreGettingDeleted) {
     }
   }
 }
+
+#if defined(OS_ANDROID)
+TEST_F(ChromeBrowsingDataRemoverDelegateTest, WipeOriginVerifierData) {
+  int before =
+    customtabs::OriginVerifier::GetClearBrowsingDataCallCountForTesting();
+  BlockUntilBrowsingDataRemoved(
+      base::Time(), base::Time::Max(),
+      ChromeBrowsingDataRemoverDelegate::DATA_TYPE_HISTORY, false);
+  EXPECT_EQ(before + 1,
+      customtabs::OriginVerifier::GetClearBrowsingDataCallCountForTesting());
+}
+
+#endif  // defined(OS_ANDROID)