[Web Payment] Secure payment confirmation mojo IPC & payment app.

Before this patch, the secure payment confirmation parameters to
PaymentRequest API from Blink would not be passed to the browser
process.

This patch adds Mojo IPC for secure payment confirmation parameters and
new type of payment app for the Web Payment that is based on these
parameters.

After this patch, Blink passes the secure payment confirmation
parameters to the browser over mojo IPC and the browser uses these
parameters to construct a payment app (when "SecurePaymentConfirmation"
Blink runtime flag is enabled).

Design: https://bit.ly/secure-payment-confirmation
Explainer: https://github.com/rsolomakhin/secure-payment-confirmation

Bug: 1110320
Change-Id: I7b9329d8d6c9724dd05b8d30492677baf2677186
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2359733
Commit-Queue: Rouslan Solomakhin <rouslan@chromium.org>
Reviewed-by: Will Harris <wfh@chromium.org>
Reviewed-by: Nick Burris <nburris@chromium.org>
Cr-Commit-Position: refs/heads/master@{#800400}

chrome/browser/payments/BUILD.gn

@@ -27,6 +27,7 @@ source_set("browsertests") {
     "payment_request_can_make_payment_event_browsertest.cc",
     "payment_request_minimal_ui_browsertest.cc",
     "sec_fetch_site_browsertest.cc",
+    "secure_payment_confirmation_browsertest.cc",
     "two_payment_requests_browsertest.cc",
   ]
 

chrome/browser/payments/secure_payment_confirmation_browsertest.cc

+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "base/command_line.h"
+#include "chrome/test/payments/payment_request_platform_browsertest_base.h"
+#include "content/public/common/content_switches.h"
+#include "content/public/test/browser_test.h"
+#include "content/public/test/browser_test_utils.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+namespace payments {
+namespace {
+
+static constexpr char kInvokePaymentRequest[] =
+    "getStatusForMethodData([{"
+    "  supportedMethods: 'secure-payment-confirmation',"
+    "  data: {"
+    "    action: 'authenticate',"
+    "    instrumentId: 'x',"
+    "    networkData: Uint8Array.from('x', c => c.charCodeAt(0)),"
+    "    timeout: 60000,"
+    "    fallbackUrl: 'https://fallback.example/url'"
+    "}}])";
+
+class SecurePaymentConfirmationTest
+    : public PaymentRequestPlatformBrowserTestBase {
+ public:
+  void SetUpCommandLine(base::CommandLine* command_line) override {
+    PaymentRequestPlatformBrowserTestBase::SetUpCommandLine(command_line);
+    command_line->AppendSwitch(
+        switches::kEnableExperimentalWebPlatformFeatures);
+  }
+};
+
+IN_PROC_BROWSER_TEST_F(SecurePaymentConfirmationTest, PaymentSheetShowsApp) {
+  NavigateTo("a.com", "/payment_handler_status.html");
+  ResetEventWaiterForSingleEvent(TestEvent::kAppListReady);
+
+  // ExecJs starts executing JavaScript and immediately returns, not waiting for
+  // any promise to return.
+  EXPECT_TRUE(content::ExecJs(GetActiveWebContents(), kInvokePaymentRequest));
+
+  WaitForObservedEvent();
+  ASSERT_FALSE(test_controller()->app_descriptions().empty());
+  EXPECT_EQ(1u, test_controller()->app_descriptions().size());
+  EXPECT_EQ("Stub label", test_controller()->app_descriptions().front().label);
+}
+
+// Intentionally do not enable the "SecurePaymentConfirmation" Blink runtime
+// feature.
+class SecurePaymentConfirmationDisabledTest
+    : public PaymentRequestPlatformBrowserTestBase {};
+
+IN_PROC_BROWSER_TEST_F(SecurePaymentConfirmationDisabledTest,
+                       PaymentMethodNotSupported) {
+  NavigateTo("a.com", "/payment_handler_status.html");
+
+  // EvalJs waits for JavaScript promise to resolve.
+  EXPECT_EQ(
+      "The payment method \"secure-payment-confirmation\" is not supported.",
+      content::EvalJs(GetActiveWebContents(), kInvokePaymentRequest));
+}
+
+}  // namespace
+}  // namespace payments

components/payments/content/BUILD.gn

@@ -36,6 +36,10 @@ static_library("content") {
     "payment_request_converter.h",
     "payment_request_spec.cc",
     "payment_request_spec.h",
+    "secure_payment_confirmation_app.cc",
+    "secure_payment_confirmation_app.h",
+    "secure_payment_confirmation_app_factory.cc",
+    "secure_payment_confirmation_app_factory.h",
     "secure_payment_confirmation_view.h",
     "service_worker_payment_app.cc",
     "service_worker_payment_app.h",

components/payments/content/payment_app_service.cc

@@ -9,6 +9,7 @@
 #include "components/payments/content/android_payment_app_factory.h"
 #include "components/payments/content/autofill_payment_app_factory.h"
 #include "components/payments/content/payment_app.h"
+#include "components/payments/content/secure_payment_confirmation_app_factory.h"
 #include "components/payments/content/service_worker_payment_app_factory.h"
 #include "components/payments/core/features.h"
 #include "components/payments/core/payments_experimental_features.h"
@@ -20,7 +21,7 @@ PaymentAppService::PaymentAppService(content::BrowserContext* context) {
   factories_.emplace_back(std::make_unique<AutofillPaymentAppFactory>());
 
   if (base::FeatureList::IsEnabled(::features::kServiceWorkerPaymentApps)) {
-    factories_.emplace_back(std::make_unique<ServiceWorkerPaymentAppFactory>());
+    factories_.push_back(std::make_unique<ServiceWorkerPaymentAppFactory>());
   }
 
   // TODO(https://crbug.com/1022512): Review the feature flag name when
@@ -28,9 +29,12 @@ PaymentAppService::PaymentAppService(content::BrowserContext* context) {
   // apps. (Currently it works only on Chrome OS with app store billing payment
   // methods.)
   if (PaymentsExperimentalFeatures::IsEnabled(features::kAppStoreBilling)) {
-    factories_.emplace_back(std::make_unique<AndroidPaymentAppFactory>(
+    factories_.push_back(std::make_unique<AndroidPaymentAppFactory>(
         AndroidAppCommunication::GetForBrowserContext(context)));
   }
+
+  // Controlled by the Blink runtime feature "SecurePaymentConfirmation".
+  factories_.push_back(std::make_unique<SecurePaymentConfirmationAppFactory>());
 }
 
 PaymentAppService::~PaymentAppService() = default;

components/payments/content/secure_payment_confirmation_app.cc

+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "components/payments/content/secure_payment_confirmation_app.h"
+
+#include <utility>
+
+#include "base/notreached.h"
+#include "components/payments/core/method_strings.h"
+#include "components/payments/core/payer_data.h"
+
+namespace payments {
+
+SecurePaymentConfirmationApp::SecurePaymentConfirmationApp(
+    std::unique_ptr<SkBitmap> icon,
+    const base::string16& label,
+    const url::Origin& merchant_origin,
+    const mojom::PaymentCurrencyAmountPtr& total,
+    const mojom::SecurePaymentConfirmationRequestPtr& request)
+    : PaymentApp(/*icon_resource_id=*/0, PaymentApp::Type::INTERNAL),
+      icon_(std::move(icon)),
+      label_(label),
+      merchant_origin_(merchant_origin),
+      total_(total.Clone()),
+      request_(request.Clone()) {
+  app_method_names_.insert(methods::kSecurePaymentConfirmation);
+}
+
+SecurePaymentConfirmationApp::~SecurePaymentConfirmationApp() = default;
+
+void SecurePaymentConfirmationApp::InvokePaymentApp(Delegate* delegate) {
+  // TODO(https://crbug.com/1110324): Combine |merchant_origin_|, |total_|, and
+  // |request_| into a challenge to invoke WebAuthn.
+}
+
+bool SecurePaymentConfirmationApp::IsCompleteForPayment() const {
+  return true;
+}
+
+uint32_t SecurePaymentConfirmationApp::GetCompletenessScore() const {
+  // This value is used for sorting multiple apps, but this app always appears
+  // on its own.
+  return 0;
+}
+
+bool SecurePaymentConfirmationApp::CanPreselect() const {
+  return true;
+}
+
+base::string16 SecurePaymentConfirmationApp::GetMissingInfoLabel() const {
+  NOTREACHED();
+  return base::string16();
+}
+
+bool SecurePaymentConfirmationApp::HasEnrolledInstrument() const {
+  // If there's no platform authenticator, then the factory should not create
+  // this app. Therefore, this function can always return true.
+  return true;
+}
+
+void SecurePaymentConfirmationApp::RecordUse() {
+  NOTIMPLEMENTED();
+}
+
+bool SecurePaymentConfirmationApp::NeedsInstallation() const {
+  return false;
+}
+
+std::string SecurePaymentConfirmationApp::GetId() const {
+  return request_->instrument_id;
+}
+
+base::string16 SecurePaymentConfirmationApp::GetLabel() const {
+  return label_;
+}
+
+base::string16 SecurePaymentConfirmationApp::GetSublabel() const {
+  return base::string16();
+}
+
+const SkBitmap* SecurePaymentConfirmationApp::icon_bitmap() const {
+  return icon_.get();
+}
+
+bool SecurePaymentConfirmationApp::IsValidForModifier(
+    const std::string& method,
+    bool supported_networks_specified,
+    const std::set<std::string>& supported_networks) const {
+  bool is_valid = false;
+  IsValidForPaymentMethodIdentifier(method, &is_valid);
+  return is_valid;
+}
+
+base::WeakPtr<PaymentApp> SecurePaymentConfirmationApp::AsWeakPtr() {
+  return weak_ptr_factory_.GetWeakPtr();
+}
+
+bool SecurePaymentConfirmationApp::HandlesShippingAddress() const {
+  return false;
+}
+
+bool SecurePaymentConfirmationApp::HandlesPayerName() const {
+  return false;
+}
+
+bool SecurePaymentConfirmationApp::HandlesPayerEmail() const {
+  return false;
+}
+
+bool SecurePaymentConfirmationApp::HandlesPayerPhone() const {
+  return false;
+}
+
+bool SecurePaymentConfirmationApp::IsWaitingForPaymentDetailsUpdate() const {
+  return false;
+}
+
+void SecurePaymentConfirmationApp::UpdateWith(
+    mojom::PaymentRequestDetailsUpdatePtr details_update) {
+  NOTREACHED();
+}
+
+void SecurePaymentConfirmationApp::OnPaymentDetailsNotUpdated() {
+  NOTREACHED();
+}
+
+void SecurePaymentConfirmationApp::AbortPaymentApp(
+    base::OnceCallback<void(bool)> abort_callback) {
+  std::move(abort_callback).Run(/*abort_success=*/true);
+}
+
+}  // namespace payments

components/payments/content/secure_payment_confirmation_app.h

+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef COMPONENTS_PAYMENTS_CONTENT_SECURE_PAYMENT_CONFIRMATION_APP_H_
+#define COMPONENTS_PAYMENTS_CONTENT_SECURE_PAYMENT_CONFIRMATION_APP_H_
+
+#include "components/payments/content/payment_app.h"
+
+#include <stdint.h>
+#include <memory>
+#include <string>
+#include <vector>
+
+#include "base/memory/weak_ptr.h"
+#include "base/strings/string16.h"
+#include "components/payments/content/secure_payment_confirmation_controller.h"
+#include "third_party/blink/public/mojom/payments/payment_request.mojom.h"
+#include "url/origin.h"
+
+class SkBitmap;
+
+namespace payments {
+
+class SecurePaymentConfirmationApp : public PaymentApp {
+ public:
+  SecurePaymentConfirmationApp(
+      std::unique_ptr<SkBitmap> icon,
+      const base::string16& label,
+      const url::Origin& merchant_origin,
+      const mojom::PaymentCurrencyAmountPtr& total,
+      const mojom::SecurePaymentConfirmationRequestPtr& request);
+  ~SecurePaymentConfirmationApp() override;
+
+  SecurePaymentConfirmationApp(const SecurePaymentConfirmationApp& other) =
+      delete;
+  SecurePaymentConfirmationApp& operator=(
+      const SecurePaymentConfirmationApp& other) = delete;
+
+  // PaymentApp implementation.
+  void InvokePaymentApp(Delegate* delegate) override;
+  bool IsCompleteForPayment() const override;
+  uint32_t GetCompletenessScore() const override;
+  bool CanPreselect() const override;
+  base::string16 GetMissingInfoLabel() const override;
+  bool HasEnrolledInstrument() const override;
+  void RecordUse() override;
+  bool NeedsInstallation() const override;
+  std::string GetId() const override;
+  base::string16 GetLabel() const override;
+  base::string16 GetSublabel() const override;
+  const SkBitmap* icon_bitmap() const override;
+  bool IsValidForModifier(
+      const std::string& method,
+      bool supported_networks_specified,
+      const std::set<std::string>& supported_networks) const override;
+  base::WeakPtr<PaymentApp> AsWeakPtr() override;
+  bool HandlesShippingAddress() const override;
+  bool HandlesPayerName() const override;
+  bool HandlesPayerEmail() const override;
+  bool HandlesPayerPhone() const override;
+  bool IsWaitingForPaymentDetailsUpdate() const override;
+  void UpdateWith(
+      mojom::PaymentRequestDetailsUpdatePtr details_update) override;
+  void OnPaymentDetailsNotUpdated() override;
+  void AbortPaymentApp(base::OnceCallback<void(bool)> abort_callback) override;
+
+ private:
+  const std::unique_ptr<SkBitmap> icon_;
+  const base::string16 label_;
+  const url::Origin merchant_origin_;
+  const mojom::PaymentCurrencyAmountPtr total_;
+  const mojom::SecurePaymentConfirmationRequestPtr request_;
+
+  base::WeakPtrFactory<SecurePaymentConfirmationApp> weak_ptr_factory_{this};
+};
+
+}  // namespace payments
+
+#endif  // COMPONENTS_PAYMENTS_CONTENT_SECURE_PAYMENT_CONFIRMATION_APP_H_

components/payments/content/secure_payment_confirmation_app_factory.cc

+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "components/payments/content/secure_payment_confirmation_app_factory.h"
+
+#include <memory>
+
+#include "base/stl_util.h"
+#include "base/strings/utf_string_conversions.h"
+#include "components/payments/content/payment_request_spec.h"
+#include "components/payments/content/secure_payment_confirmation_app.h"
+#include "components/payments/core/method_strings.h"
+#include "third_party/blink/public/mojom/payments/payment_request.mojom.h"
+#include "url/origin.h"
+
+namespace payments {
+
+SecurePaymentConfirmationAppFactory::SecurePaymentConfirmationAppFactory()
+    : PaymentAppFactory(PaymentApp::Type::INTERNAL) {}
+
+SecurePaymentConfirmationAppFactory::~SecurePaymentConfirmationAppFactory() =
+    default;
+
+void SecurePaymentConfirmationAppFactory::Create(
+    base::WeakPtr<Delegate> delegate) {
+  PaymentRequestSpec* spec = delegate->GetSpec();
+  if (!base::Contains(spec->payment_method_identifiers_set(),
+                      methods::kSecurePaymentConfirmation)) {
+    delegate->OnDoneCreatingPaymentApps();
+    return;
+  }
+
+  for (const mojom::PaymentMethodDataPtr& method_data : spec->method_data()) {
+    if (method_data->supported_method == methods::kSecurePaymentConfirmation &&
+        method_data->secure_payment_confirmation) {
+      // TODO(https://crbug.com/1110324): Check storage for whether
+      // |method_data->secure_payment_confirmation->instrument_id| has any
+      // credentials on this device. If so, retrieve the instrument icon and
+      // label from storage and use these values to create a
+      // SecurePaymentConfirmationApp.
+
+      // A stub payment app that contains the secure payment confirmation
+      // request, but does not yet invoke WebAuthn at this time.
+      delegate->OnPaymentAppCreated(
+          std::make_unique<SecurePaymentConfirmationApp>(
+              /*icon=*/nullptr, /*label=*/base::ASCIIToUTF16("Stub label"),
+              /*merchant_origin=*/url::Origin::Create(delegate->GetTopOrigin()),
+              /*total=*/spec->details().total->amount,
+              /*request=*/method_data->secure_payment_confirmation));
+      break;
+    }
+  }
+
+  delegate->OnDoneCreatingPaymentApps();
+}
+
+}  // namespace payments

components/payments/content/secure_payment_confirmation_app_factory.h

+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef COMPONENTS_PAYMENTS_CONTENT_SECURE_PAYMENT_CONFIRMATION_APP_FACTORY_H_
+#define COMPONENTS_PAYMENTS_CONTENT_SECURE_PAYMENT_CONFIRMATION_APP_FACTORY_H_
+
+#include "base/memory/weak_ptr.h"
+#include "components/payments/content/payment_app_factory.h"
+
+namespace payments {
+
+class SecurePaymentConfirmationAppFactory : public PaymentAppFactory {
+ public:
+  SecurePaymentConfirmationAppFactory();
+  ~SecurePaymentConfirmationAppFactory() override;
+
+  SecurePaymentConfirmationAppFactory(
+      const SecurePaymentConfirmationAppFactory& other) = delete;
+  SecurePaymentConfirmationAppFactory& operator=(
+      const SecurePaymentConfirmationAppFactory& other) = delete;
+
+  // PaymentAppFactory:
+  void Create(base::WeakPtr<Delegate> delegate) override;
+};
+
+}  // namespace payments
+
+#endif  // COMPONENTS_PAYMENTS_CONTENT_SECURE_PAYMENT_CONFIRMATION_APP_FACTORY_H_

components/payments/core/method_strings.h

@@ -41,6 +41,7 @@ extern const char kPayeeCreditTransfer[];
 extern const char kPayerCreditTransfer[];
 
 // Secure Payment Confirmation method name.
+// https://github.com/rsolomakhin/secure-payment-confirmation/
 extern const char kSecurePaymentConfirmation[];
 
 // Tokenized Card method name.

components/test/data/payments/payment_handler_status.js

@@ -11,7 +11,7 @@
  * @return {string} - The status field or error message.
  */
 async function getStatus(method) { // eslint-disable-line no-unused-vars
-  return getStatusInternal([{supportedMethods: method}]);
+  return getStatusForMethodData([{supportedMethods: method}]);
 }
 
 /**
@@ -25,7 +25,7 @@ async function getStatusList(methods) { // eslint-disable-line no-unused-vars
   for (let method of methods) {
     methodData.push({supportedMethods: method});
   }
-  return getStatusInternal(methodData);
+  return getStatusForMethodData(methodData);
 }
 
 /**
@@ -34,7 +34,7 @@ async function getStatusList(methods) { // eslint-disable-line no-unused-vars
  * @param {array<PaymentMethodData>} methodData - The method data to use.
  * @return {string} - The status field or error message.
  */
-async function getStatusInternal(methodData) {
+async function getStatusForMethodData(methodData) {
   try {
     const request = new PaymentRequest(
         methodData,

third_party/blink/public/mojom/payments/payment_request.mojom

@@ -6,6 +6,8 @@
 module payments.mojom;
 
 import "components/payments/mojom/payment_request_data.mojom";
+import "mojo/public/mojom/base/time.mojom";
+import "url/mojom/url.mojom";
 
 struct PaymentResponse {
   string method_name;
@@ -120,6 +122,23 @@ struct GooglePaymentMethodData {
   bool shipping_requested;
 };
 
+// Parameters for the "secure-payment-confirmation" payment method identifier.
+// https://github.com/rsolomakhin/secure-payment-confirmation
+struct SecurePaymentConfirmationRequest {
+  // An identifier of a set of credentials that map to a single instrument
+  // name and icon.
+  string instrument_id;
+
+  // An indefinite-length blob passed from the relying party server, to be sent
+  // to an authenticator for signing together with the price and merchant
+  // origin.
+  array<uint8> network_data;
+
+  // Time to wait for an authenticator to complete an operation provided by the
+  // relying party.
+  mojo_base.mojom.TimeDelta? timeout;
+};
+
 struct PaymentMethodData {
   string supported_method;
 
@@ -150,6 +169,9 @@ struct PaymentMethodData {
 
   // Basic card specific method data is parsed in the renderer.
   array<BasicCardNetwork> supported_networks;
+
+  // Parameters for the "secure-payment-confirmation" payment method identifier.
+  SecurePaymentConfirmationRequest? secure_payment_confirmation;
 };
 
 struct PaymentDetailsModifier {

third_party/blink/renderer/modules/payments/BUILD.gn

@@ -53,6 +53,8 @@ blink_modules_sources("payments") {
     "payments_validators.h",
     "secure_payment_confirmation_helper.cc",
     "secure_payment_confirmation_helper.h",
+    "secure_payment_confirmation_type_converter.cc",
+    "secure_payment_confirmation_type_converter.h",
     "update_payment_details_function.cc",
     "update_payment_details_function.h",
   ]
@@ -66,6 +68,7 @@ blink_modules_sources("payments") {
 
   deps = [
     "//components/payments/mojom:mojom_blink",
+    "//third_party/blink/renderer/modules/credentialmanager",
     "//third_party/blink/renderer/modules/permissions",
     "//third_party/blink/renderer/modules/service_worker",
   ]

third_party/blink/renderer/modules/payments/payment_request.cc

@@ -444,8 +444,9 @@ void StringifyAndParseMethodSpecificData(ExecutionContext& execution_context,
                  &execution_context)) {
     UseCounter::Count(&execution_context,
                       WebFeature::kSecurePaymentConfirmation);
-    SecurePaymentConfirmationHelper::ParseSecurePaymentConfirmationData(
-        input, exception_state);
+    output->secure_payment_confirmation =
+        SecurePaymentConfirmationHelper::ParseSecurePaymentConfirmationData(
+            input, exception_state);
   }
 }
 

third_party/blink/renderer/modules/payments/secure_payment_confirmation_helper.cc

@@ -7,7 +7,9 @@
 #include <stdint.h>
 
 #include "base/logging.h"
+#include "third_party/blink/public/mojom/payments/payment_request.mojom-blink.h"
 #include "third_party/blink/renderer/bindings/modules/v8/v8_secure_payment_confirmation_request.h"
+#include "third_party/blink/renderer/modules/payments/secure_payment_confirmation_type_converter.h"
 #include "third_party/blink/renderer/platform/bindings/exception_state.h"
 
 namespace blink {
@@ -19,7 +21,8 @@ constexpr uint32_t kMaxTimeoutInMilliseconds = 1000 * 60 * 60;
 }  // namespace
 
 // static
-void SecurePaymentConfirmationHelper::ParseSecurePaymentConfirmationData(
+::payments::mojom::blink::SecurePaymentConfirmationRequestPtr
+SecurePaymentConfirmationHelper::ParseSecurePaymentConfirmationData(
     const ScriptValue& input,
     ExceptionState& exception_state) {
   DCHECK(!input.IsEmpty());
@@ -27,21 +30,24 @@ void SecurePaymentConfirmationHelper::ParseSecurePaymentConfirmationData(
       NativeValueTraits<SecurePaymentConfirmationRequest>::NativeValue(
           input.GetIsolate(), input.V8Value(), exception_state);
   if (exception_state.HadException())
-    return;
+    return nullptr;
 
   if (request->instrumentId().IsEmpty()) {
     exception_state.ThrowRangeError(
         "The \"secure-payment-confirmation\" method requires a non-empty "
         "\"instrumentId\" field.");
-    return;
+    return nullptr;
   }
 
   if (request->hasTimeout() && request->timeout() > kMaxTimeoutInMilliseconds) {
     exception_state.ThrowRangeError(
         "The \"secure-payment-confirmation\" method requires at most 1 hour "
         "\"timeout\" field.");
-    return;
+    return nullptr;
   }
+
+  return mojo::ConvertTo<
+      payments::mojom::blink::SecurePaymentConfirmationRequestPtr>(request);
 }
 
 }  // namespace blink

third_party/blink/renderer/modules/payments/secure_payment_confirmation_helper.h

@@ -5,6 +5,7 @@
 #ifndef THIRD_PARTY_BLINK_RENDERER_MODULES_PAYMENTS_SECURE_PAYMENT_CONFIRMATION_HELPER_H_
 #define THIRD_PARTY_BLINK_RENDERER_MODULES_PAYMENTS_SECURE_PAYMENT_CONFIRMATION_HELPER_H_
 
+#include "third_party/blink/public/mojom/payments/payment_request.mojom-blink-forward.h"
 #include "third_party/blink/renderer/platform/wtf/allocator/allocator.h"
 
 namespace blink {
@@ -16,9 +17,10 @@ class SecurePaymentConfirmationHelper {
   STATIC_ONLY(SecurePaymentConfirmationHelper);
 
  public:
-  // Parse 'secure-payment-confirmation' data in |input| or throw an exception.
-  static void ParseSecurePaymentConfirmationData(const ScriptValue& input,
-                                                 ExceptionState&);
+  // Parse 'secure-payment-confirmation' data in |input| and return the result
+  // or throw an exception.
+  static ::payments::mojom::blink::SecurePaymentConfirmationRequestPtr
+  ParseSecurePaymentConfirmationData(const ScriptValue& input, ExceptionState&);
 };
 
 }  // namespace blink

third_party/blink/renderer/modules/payments/secure_payment_confirmation_type_converter.cc

+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "third_party/blink/renderer/modules/payments/secure_payment_confirmation_type_converter.h"
+
+#include <stdint.h>
+
+#include "base/time/time.h"
+#include "third_party/blink/renderer/modules/credentialmanager/credential_manager_type_converters.h"
+#include "third_party/blink/renderer/platform/wtf/vector.h"
+
+namespace mojo {
+
+payments::mojom::blink::SecurePaymentConfirmationRequestPtr
+TypeConverter<payments::mojom::blink::SecurePaymentConfirmationRequestPtr,
+              blink::SecurePaymentConfirmationRequest*>::
+    Convert(const blink::SecurePaymentConfirmationRequest* input) {
+  auto output = payments::mojom::blink::SecurePaymentConfirmationRequest::New();
+  output->instrument_id = input->instrumentId();
+  output->network_data = mojo::ConvertTo<Vector<uint8_t>>(input->networkData());
+
+  // If a timeout was not specified in JavaScript, then pass a null |timeout|
+  // through mojo IPC, so the browser can set a default (e.g., 3 minutes).
+  if (input->hasTimeout())
+    output->timeout = base::TimeDelta::FromMilliseconds(input->timeout());
+
+  return output;
+}
+
+}  // namespace mojo

third_party/blink/renderer/modules/payments/secure_payment_confirmation_type_converter.h

+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef THIRD_PARTY_BLINK_RENDERER_MODULES_PAYMENTS_SECURE_PAYMENT_CONFIRMATION_TYPE_CONVERTER_H_
+#define THIRD_PARTY_BLINK_RENDERER_MODULES_PAYMENTS_SECURE_PAYMENT_CONFIRMATION_TYPE_CONVERTER_H_
+
+#include "mojo/public/cpp/bindings/type_converter.h"
+#include "third_party/blink/public/mojom/payments/payment_request.mojom-blink.h"
+#include "third_party/blink/renderer/bindings/modules/v8/v8_secure_payment_confirmation_request.h"
+
+namespace mojo {
+
+template <>
+struct TypeConverter<
+    payments::mojom::blink::SecurePaymentConfirmationRequestPtr,
+    blink::SecurePaymentConfirmationRequest*> {
+  static payments::mojom::blink::SecurePaymentConfirmationRequestPtr Convert(
+      const blink::SecurePaymentConfirmationRequest* input);
+};
+
+}  // namespace mojo
+
+#endif  // THIRD_PARTY_BLINK_RENDERER_MODULES_PAYMENTS_SECURE_PAYMENT_CONFIRMATION_TYPE_CONVERTER_H_