[webid] Allow idp_endpoint to be a relative URL

The idp_endpoint property today of the .well-known/webid response is now taken as an absolute URL, which makes it inconvenient for deployment. In this CL we resolve the idp_endpoint URL as a relative URL to the file that it is contained in, allowing both absolute URLs and relative URLs to co-exist. Bug: 1141125 Change-Id: I224274634e5eaf7f7d66d044931fe5823f346829 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2631295 Auto-Submit: Sam Goto <goto@chromium.org> Reviewed-by: Ken Buchanan <kenrb@chromium.org> Commit-Queue: Ken Buchanan <kenrb@chromium.org> Cr-Commit-Position: refs/heads/master@{#844993}

[webid] Allow idp_endpoint to be a relative URL
The idp_endpoint property today of the .well-known/webid response is now taken as an absolute URL, which makes it inconvenient for deployment. In this CL we resolve the idp_endpoint URL as a relative URL to the file that it is contained in, allowing both absolute URLs and relative URLs to co-exist. Bug: 1141125 Change-Id: I224274634e5eaf7f7d66d044931fe5823f346829 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2631295 Auto-Submit: Sam Goto <goto@chromium.org> Reviewed-by: Ken Buchanan <kenrb@chromium.org> Commit-Queue: Ken Buchanan <kenrb@chromium.org> Cr-Commit-Position: refs/heads/master@{#844993}
8b6172ae · Sam Goto · Chromium LUCI CQ · acf3123a · 8b6172ae · 8b6172ae
Commit 8b6172ae authored Jan 20, 2021 by Sam Goto Committed by Chromium LUCI CQ Jan 20, 2021
3 changed files
--- a/content/browser/webid/federated_auth_request_impl.cc
+++ b/content/browser/webid/federated_auth_request_impl.cc
@@ -128,7 +128,11 @@ void FederatedAuthRequestImpl::OnWellKnownFetched(
    }
  }

-  idp_endpoint_url_ = GURL(base::StringPiece(idp_endpoint));
+  const url::Origin& idp_origin = url::Origin::Create(provider_);
+  GURL well_known_url =
+      idp_origin.GetURL().Resolve(IdpNetworkRequestManager::kWellKnownFilePath);
+  idp_endpoint_url_ = well_known_url.Resolve(idp_endpoint);
+
  // TODO(kenrb): This has to be same-origin with the provider.
  // https://crbug.com/1141125
  if (!IdpUrlIsValid(idp_endpoint_url_)) {

--- a/content/browser/webid/idp_network_request_manager.cc
+++ b/content/browser/webid/idp_network_request_manager.cc
@@ -22,7 +22,6 @@ namespace content {
 namespace {
 // TODO(kenrb): These need to be defined in the explainer or draft spec and
 // referenced here.
-constexpr char kWellKnownFilePath[] = ".well-known/webid";

 // Well-known configuration keys.
 constexpr char kIdpEndpointKey[] = "idp_endpoint";
@@ -80,6 +79,9 @@ scoped_refptr<network::SharedURLLoaderFactory> GetUrlLoaderFactory(

 }  // namespace

+// static
+constexpr char IdpNetworkRequestManager::kWellKnownFilePath[];
+
 // static
 std::unique_ptr<IdpNetworkRequestManager> IdpNetworkRequestManager::Create(
    const GURL& provider,
@@ -105,7 +107,8 @@ void IdpNetworkRequestManager::FetchIDPWellKnown(
  idp_well_known_callback_ = std::move(callback);

  const url::Origin& idp_origin = url::Origin::Create(provider_);
-  GURL target_url = idp_origin.GetURL().Resolve(kWellKnownFilePath);
+  GURL target_url =
+      idp_origin.GetURL().Resolve(IdpNetworkRequestManager::kWellKnownFilePath);

  net::NetworkTrafficAnnotationTag traffic_annotation =
      CreateTrafficAnnotation();

--- a/content/browser/webid/idp_network_request_manager.h
+++ b/content/browser/webid/idp_network_request_manager.h
@@ -64,6 +64,8 @@ class IdpNetworkRequestManager {
    kInvalidResponseError,
  };

+  static constexpr char kWellKnownFilePath[] = ".well-known/webid";
+
  using FetchWellKnownCallback =
      base::OnceCallback<void(FetchStatus, const std::string&)>;
  using SigninRequestCallback =