[Web Payment] Invoke WebAuthn from SecurePaymentConfirmationApp.

Before this patch, paying via secure payment confirmation method would
always return {"status": "success"} without invoking WebAuthn.

This patch checks that the platform authenticator is user-verifying and
invokes WebAuthn with stubbed out options. The
autofill::InternalAuthenticator is being used because it provides a
cross-platform abstraction that fits neatly into the cross-platform
payment apps and factories of Web Payment.

After this patch, only devices with user-verifying authenticators would
display a payment app and invoking that app will always fail because of
the stub credential identifier.

Design: https://bit.ly/secure-payment-confirmation
Explainer: https://github.com/rsolomakhin/secure-payment-confirmation

Bug: 1110320
Change-Id: I8adabf2938ae5a65a6a87c9bc5f6df275b833f24
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2364813Reviewed-by: Mike West <mkwst@chromium.org>
Reviewed-by: Ken Buchanan <kenrb@chromium.org>
Reviewed-by: Nick Burris <nburris@chromium.org>
Commit-Queue: Rouslan Solomakhin <rouslan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#800572}

chrome/browser/payments/android/payment_app_service_bridge.cc

@@ -14,6 +14,7 @@
 #include "base/check_op.h"
 #include "base/memory/singleton.h"
 #include "base/notreached.h"
+#include "chrome/browser/autofill/android/internal_authenticator_android.h"
 #include "chrome/browser/payments/android/jni_headers/PaymentAppServiceBridge_jni.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/web_data_service_factory.h"
@@ -246,6 +247,11 @@ PaymentAppServiceBridge::GetMethodData() const {
   return spec_->method_data();
 }
 
+std::unique_ptr<autofill::InternalAuthenticator>
+PaymentAppServiceBridge::CreateInternalAuthenticator() const {
+  return std::make_unique<InternalAuthenticatorAndroid>(render_frame_host_);
+}
+
 scoped_refptr<PaymentManifestWebDataService>
 PaymentAppServiceBridge::GetPaymentManifestWebDataService() const {
   return payment_manifest_web_data_service_;

chrome/browser/payments/android/payment_app_service_bridge.h

@@ -68,6 +68,8 @@ class PaymentAppServiceBridge : public PaymentAppFactory::Delegate {
   content::RenderFrameHost* GetInitiatorRenderFrameHost() const override;
   const std::vector<mojom::PaymentMethodDataPtr>& GetMethodData()
       const override;
+  std::unique_ptr<autofill::InternalAuthenticator> CreateInternalAuthenticator()
+      const override;
   scoped_refptr<PaymentManifestWebDataService>
   GetPaymentManifestWebDataService() const override;
   bool MayCrawlForInstallablePaymentApps() override;

chrome/browser/payments/chrome_payment_request_delegate.cc

@@ -23,6 +23,7 @@
 #include "chrome/browser/ui/browser_window.h"
 #include "chrome/browser/ui/views/payments/payment_request_dialog_view.h"
 #include "chrome/browser/web_data_service_factory.h"
+#include "components/autofill/content/browser/webauthn/internal_authenticator_impl.h"
 #include "components/autofill/core/browser/address_normalizer_impl.h"
 #include "components/autofill/core/browser/geo/region_data_loader_impl.h"
 #include "components/autofill/core/browser/personal_data_manager.h"
@@ -167,6 +168,12 @@ bool ChromePaymentRequestDelegate::IsBrowserWindowActive() const {
   return browser && browser->window() && browser->window()->IsActive();
 }
 
+std::unique_ptr<autofill::InternalAuthenticator>
+ChromePaymentRequestDelegate::CreateInternalAuthenticator(
+    content::RenderFrameHost* rfh) const {
+  return std::make_unique<content::InternalAuthenticatorImpl>(rfh);
+}
+
 scoped_refptr<PaymentManifestWebDataService>
 ChromePaymentRequestDelegate::GetPaymentManifestWebDataService() const {
   return WebDataServiceFactory::GetPaymentManifestWebDataForProfile(

chrome/browser/payments/chrome_payment_request_delegate.h

@@ -47,6 +47,8 @@ class ChromePaymentRequestDelegate : public ContentPaymentRequestDelegate {
   bool IsBrowserWindowActive() const override;
 
   // ContentPaymentRequestDelegate:
+  std::unique_ptr<autofill::InternalAuthenticator> CreateInternalAuthenticator(
+      content::RenderFrameHost* rfh) const override;
   scoped_refptr<PaymentManifestWebDataService>
   GetPaymentManifestWebDataService() const override;
   PaymentRequestDisplayManager* GetDisplayManager() override;

chrome/browser/payments/secure_payment_confirmation_browsertest.cc

@@ -3,6 +3,7 @@
 // found in the LICENSE file.
 
 #include "base/command_line.h"
+#include "build/build_config.h"
 #include "chrome/test/payments/payment_request_platform_browsertest_base.h"
 #include "content/public/common/content_switches.h"
 #include "content/public/test/browser_test.h"
@@ -33,7 +34,26 @@ class SecurePaymentConfirmationTest
   }
 };
 
-IN_PROC_BROWSER_TEST_F(SecurePaymentConfirmationTest, PaymentSheetShowsApp) {
+IN_PROC_BROWSER_TEST_F(SecurePaymentConfirmationTest, NoAuthenticator) {
+  test_controller()->SetHasAuthenticator(false);
+  NavigateTo("a.com", "/payment_handler_status.html");
+
+  // EvalJs waits for JavaScript promise to resolve.
+  EXPECT_EQ(
+      "The payment method \"secure-payment-confirmation\" is not supported.",
+      content::EvalJs(GetActiveWebContents(), kInvokePaymentRequest));
+}
+
+#if defined(OS_ANDROID)
+// TODO(https://crbug.com/1110320): Implement SetHasAuthenticator() for Android,
+// so this behavior can be tested on Android as well.
+#define MAYBE_PaymentSheetShowsApp DISABLED_PaymentSheetShowsApp
+#else
+#define MAYBE_PaymentSheetShowsApp PaymentSheetShowsApp
+#endif  // OS_ANDROID
+IN_PROC_BROWSER_TEST_F(SecurePaymentConfirmationTest,
+                       MAYBE_PaymentSheetShowsApp) {
+  test_controller()->SetHasAuthenticator(true);
   NavigateTo("a.com", "/payment_handler_status.html");
   ResetEventWaiterForSingleEvent(TestEvent::kAppListReady);
 
@@ -54,6 +74,7 @@ class SecurePaymentConfirmationDisabledTest
 
 IN_PROC_BROWSER_TEST_F(SecurePaymentConfirmationDisabledTest,
                        PaymentMethodNotSupported) {
+  test_controller()->SetHasAuthenticator(true);
   NavigateTo("a.com", "/payment_handler_status.html");
 
   // EvalJs waits for JavaScript promise to resolve.

chrome/test/payments/BUILD.gn

@@ -41,6 +41,9 @@ static_library("test_support") {
   if (!is_android) {
     sources += [ "payment_request_test_controller_desktop.cc" ]
 
-    deps += [ "//chrome/test:test_support_ui" ]
+    deps += [
+      "//chrome/test:test_support_ui",
+      "//components/autofill/content/browser/webauthn",
+    ]
   }
 }

chrome/test/payments/DEPS

 include_rules = [
   "+components/network_session_configurator/common",
   "+components/payments",
+  "+third_party/blink/public/mojom/webauthn",
 ]

chrome/test/payments/payment_request_test_controller.h

@@ -66,6 +66,7 @@ class PaymentRequestTestController {
   void SetValidSsl(bool valid_ssl);
   void SetCanMakePaymentEnabledPref(bool can_make_payment_enabled);
   void SetTwaPackageName(const std::string& twa_package_name);
+  void SetHasAuthenticator(bool has_authenticator);
   void SetTwaPaymentApp(const std::string& method_name,
                         const std::string& response);
 
@@ -122,6 +123,7 @@ class PaymentRequestTestController {
   bool valid_ssl_ = true;
   bool can_make_payment_pref_ = true;
   std::string twa_package_name_;
+  bool has_authenticator_ = false;
   std::string twa_payment_app_method_name_;
   std::string twa_payment_app_response_;
   std::vector<AppDescription> app_descriptions_;

chrome/test/payments/payment_request_test_controller_android.cc

@@ -112,6 +112,13 @@ void PaymentRequestTestController::SetTwaPackageName(
       /*skip_ui_for_basic_card=*/false, twa_package_name_);
 }
 
+void PaymentRequestTestController::SetHasAuthenticator(bool has_authenticator) {
+  // TODO(https://crbug.com/1110320): Implement SetHasAuthenticator() for
+  // Android, so secure payment confirmation can be integration tested on
+  // Android as well.
+  has_authenticator_ = has_authenticator;
+}
+
 void PaymentRequestTestController::SetTwaPaymentApp(
     const std::string& method_name,
     const std::string& response) {

chrome/test/payments/payment_request_test_controller_desktop.cc

@@ -10,6 +10,8 @@
 #include "base/strings/utf_string_conversions.h"
 #include "chrome/browser/payments/chrome_payment_request_delegate.h"
 #include "chrome/browser/payments/payment_request_factory.h"
+#include "components/autofill/content/browser/webauthn/internal_authenticator_impl.h"
+#include "components/autofill/core/browser/payments/internal_authenticator.h"
 #include "components/payments/content/android_app_communication.h"
 #include "components/payments/content/payment_request.h"
 #include "components/payments/content/payment_request_web_contents_manager.h"
@@ -17,22 +19,46 @@
 #include "components/payments/core/payment_request_delegate.h"
 #include "components/sync_preferences/testing_pref_service_syncable.h"
 #include "mojo/public/cpp/bindings/pending_receiver.h"
+#include "third_party/blink/public/mojom/webauthn/authenticator.mojom.h"
 
 namespace payments {
 namespace {
 
+class TestAuthenticator : public content::InternalAuthenticatorImpl {
+ public:
+  explicit TestAuthenticator(content::RenderFrameHost* rfh,
+                             bool has_authenticator)
+      : content::InternalAuthenticatorImpl(rfh),
+        has_authenticator_(has_authenticator) {}
+
+  ~TestAuthenticator() override = default;
+
+  // autofill::InternalAuthenticator
+  void IsUserVerifyingPlatformAuthenticatorAvailable(
+      blink::mojom::Authenticator::
+          IsUserVerifyingPlatformAuthenticatorAvailableCallback callback)
+      override {
+    std::move(callback).Run(has_authenticator_);
+  }
+
+ private:
+  const bool has_authenticator_;
+};
+
 class ChromePaymentRequestTestDelegate : public ChromePaymentRequestDelegate {
  public:
   ChromePaymentRequestTestDelegate(content::WebContents* web_contents,
                                    bool is_off_the_record,
                                    bool valid_ssl,
                                    PrefService* prefs,
-                                   const std::string& twa_package_name)
+                                   const std::string& twa_package_name,
+                                   bool has_authenticator)
       : ChromePaymentRequestDelegate(web_contents),
         is_off_the_record_(is_off_the_record),
         valid_ssl_(valid_ssl),
         prefs_(prefs),
-        twa_package_name_(twa_package_name) {}
+        twa_package_name_(twa_package_name),
+        has_authenticator_(has_authenticator) {}
 
   bool IsOffTheRecord() const override { return is_off_the_record_; }
   std::string GetInvalidSslCertificateErrorMessage() override {
@@ -41,12 +67,17 @@ class ChromePaymentRequestTestDelegate : public ChromePaymentRequestDelegate {
   PrefService* GetPrefService() override { return prefs_; }
   bool IsBrowserWindowActive() const override { return true; }
   std::string GetTwaPackageName() const override { return twa_package_name_; }
+  std::unique_ptr<autofill::InternalAuthenticator> CreateInternalAuthenticator(
+      content::RenderFrameHost* rfh) const override {
+    return std::make_unique<TestAuthenticator>(rfh, has_authenticator_);
+  }
 
  private:
   const bool is_off_the_record_;
   const bool valid_ssl_;
   PrefService* const prefs_;
   const std::string twa_package_name_;
+  const bool has_authenticator_;
 };
 
 }  // namespace
@@ -159,6 +190,11 @@ void PaymentRequestTestController::SetTwaPackageName(
   UpdateDelegateFactory();
 }
 
+void PaymentRequestTestController::SetHasAuthenticator(bool has_authenticator) {
+  has_authenticator_ = has_authenticator;
+  UpdateDelegateFactory();
+}
+
 void PaymentRequestTestController::SetTwaPaymentApp(
     const std::string& method_name,
     const std::string& response) {
@@ -171,7 +207,7 @@ void PaymentRequestTestController::UpdateDelegateFactory() {
   SetPaymentRequestFactoryForTesting(base::BindRepeating(
       [](PaymentRequest::ObserverForTest* observer_for_test,
          bool is_off_the_record, bool valid_ssl, PrefService* prefs,
-         const std::string& twa_package_name,
+         const std::string& twa_package_name, bool has_authenticator,
          const std::string& twa_payment_app_method_name,
          const std::string& twa_payment_app_response,
          mojo::PendingReceiver<payments::mojom::PaymentRequest> receiver,
@@ -180,8 +216,8 @@ void PaymentRequestTestController::UpdateDelegateFactory() {
             content::WebContents::FromRenderFrameHost(render_frame_host);
         DCHECK(web_contents);
         auto delegate = std::make_unique<ChromePaymentRequestTestDelegate>(
-            web_contents, is_off_the_record, valid_ssl, prefs,
-            twa_package_name);
+            web_contents, is_off_the_record, valid_ssl, prefs, twa_package_name,
+            has_authenticator);
         PaymentRequestWebContentsManager* manager =
             PaymentRequestWebContentsManager::GetOrCreateForWebContents(
                 web_contents);
@@ -196,7 +232,7 @@ void PaymentRequestTestController::UpdateDelegateFactory() {
                                       observer_for_test);
       },
       observer_converter_.get(), is_off_the_record_, valid_ssl_, prefs_.get(),
-      twa_package_name_, twa_payment_app_method_name_,
+      twa_package_name_, has_authenticator_, twa_payment_app_method_name_,
       twa_payment_app_response_));
 }
 

components/payments/content/BUILD.gn

@@ -62,6 +62,7 @@ static_library("content") {
     "//components/ukm/content",
     "//components/url_formatter",
     "//content/public/browser",
+    "//device/fido",
     "//third_party/blink/public:blink_headers",
     "//url",
   ]

components/payments/content/DEPS

@@ -10,6 +10,7 @@ include_rules = [
   "+components/url_formatter",
   "+components/webdata/common",
   "+content/public",
+  "+device/fido",
   "+mojo/public/cpp",
   "+net",
   "+services/data_decoder/public/cpp",
@@ -21,6 +22,7 @@ include_rules = [
   "+third_party/blink/public/common",
   "+third_party/blink/public/mojom/devtools/console_message.mojom.h",
   "+third_party/blink/public/mojom/payments",
+  "+third_party/blink/public/mojom/webauthn",
   "+third_party/blink/public/platform/modules/payments",
   "+third_party/skia/include/core/SkBitmap.h",
   "+ui/base",

components/payments/content/android_payment_app_factory_unittest.cc

@@ -8,6 +8,7 @@
 
 #include "base/memory/weak_ptr.h"
 #include "base/stl_util.h"
+#include "components/autofill/core/browser/payments/internal_authenticator.h"
 #include "components/payments/content/android_app_communication.h"
 #include "components/payments/content/android_app_communication_test_support.h"
 #include "components/payments/content/payment_app_factory.h"
@@ -64,6 +65,8 @@ class MockPaymentAppFactoryDelegate : public PaymentAppFactory::Delegate {
   MOCK_CONST_METHOD0(GetInitiatorRenderFrameHost, content::RenderFrameHost*());
   MOCK_CONST_METHOD0(GetMethodData,
                      const std::vector<mojom::PaymentMethodDataPtr>&());
+  MOCK_CONST_METHOD0(CreateInternalAuthenticator,
+                     std::unique_ptr<autofill::InternalAuthenticator>());
   MOCK_CONST_METHOD0(GetPaymentManifestWebDataService,
                      scoped_refptr<PaymentManifestWebDataService>());
   MOCK_METHOD0(MayCrawlForInstallablePaymentApps, bool());

components/payments/content/content_payment_request_delegate.h

@@ -5,6 +5,7 @@
 #ifndef COMPONENTS_PAYMENTS_CONTENT_CONTENT_PAYMENT_REQUEST_DELEGATE_H_
 #define COMPONENTS_PAYMENTS_CONTENT_CONTENT_PAYMENT_REQUEST_DELEGATE_H_
 
+#include <memory>
 #include <string>
 
 #include "components/payments/content/payment_request_display_manager.h"
@@ -13,6 +14,14 @@
 template <class T>
 class scoped_refptr;
 
+namespace autofill {
+class InternalAuthenticator;
+}  // namespace autofill
+
+namespace content {
+class RenderFrameHost;
+}  // namespace content
+
 namespace payments {
 
 class PaymentManifestWebDataService;
@@ -23,6 +32,11 @@ class ContentPaymentRequestDelegate : public PaymentRequestDelegate {
  public:
   ~ContentPaymentRequestDelegate() override {}
 
+  // Creates and returns an instance of the InternalAuthenticator interface for
+  // communication with WebAuthn.
+  virtual std::unique_ptr<autofill::InternalAuthenticator>
+  CreateInternalAuthenticator(content::RenderFrameHost* rfh) const = 0;
+
   // Returns the web data service for caching payment method manifests.
   virtual scoped_refptr<PaymentManifestWebDataService>
   GetPaymentManifestWebDataService() const = 0;

components/payments/content/payment_app_factory.h

@@ -20,6 +20,7 @@ class GURL;
 
 namespace autofill {
 class AutofillProfile;
+class InternalAuthenticator;
 }  // namespace autofill
 
 namespace content {
@@ -51,6 +52,8 @@ class PaymentAppFactory {
     virtual content::RenderFrameHost* GetInitiatorRenderFrameHost() const = 0;
     virtual const std::vector<mojom::PaymentMethodDataPtr>& GetMethodData()
         const = 0;
+    virtual std::unique_ptr<autofill::InternalAuthenticator>
+    CreateInternalAuthenticator() const = 0;
     virtual scoped_refptr<PaymentManifestWebDataService>
     GetPaymentManifestWebDataService() const = 0;
     virtual bool MayCrawlForInstallablePaymentApps() = 0;

components/payments/content/payment_request_state.cc

@@ -137,6 +137,12 @@ PaymentRequestState::GetMethodData() const {
   return GetSpec()->method_data();
 }
 
+std::unique_ptr<autofill::InternalAuthenticator>
+PaymentRequestState::CreateInternalAuthenticator() const {
+  return GetPaymentRequestDelegate()->CreateInternalAuthenticator(
+      initiator_render_frame_host_);
+}
+
 scoped_refptr<PaymentManifestWebDataService>
 PaymentRequestState::GetPaymentManifestWebDataService() const {
   return GetPaymentRequestDelegate()->GetPaymentManifestWebDataService();

components/payments/content/payment_request_state.h

@@ -139,6 +139,8 @@ class PaymentRequestState : public PaymentAppFactory::Delegate,
   content::RenderFrameHost* GetInitiatorRenderFrameHost() const override;
   const std::vector<mojom::PaymentMethodDataPtr>& GetMethodData()
       const override;
+  std::unique_ptr<autofill::InternalAuthenticator> CreateInternalAuthenticator()
+      const override;
   scoped_refptr<PaymentManifestWebDataService>
   GetPaymentManifestWebDataService() const override;
   const std::vector<autofill::AutofillProfile*>& GetBillingProfiles() override;

components/payments/content/secure_payment_confirmation_app.cc

@@ -6,32 +6,83 @@
 
 #include <utility>
 
+#include "base/check.h"
+#include "base/containers/flat_tree.h"
 #include "base/notreached.h"
+#include "base/strings/strcat.h"
+#include "base/time/time.h"
+#include "components/autofill/core/browser/payments/internal_authenticator.h"
 #include "components/payments/core/method_strings.h"
 #include "components/payments/core/payer_data.h"
+#include "device/fido/fido_transport_protocol.h"
+#include "device/fido/fido_types.h"
+#include "device/fido/public_key_credential_descriptor.h"
+#include "url/url_constants.h"
 
 namespace payments {
+namespace {
+
+static constexpr int kDefaultTimeoutMinutes = 3;
+
+}  // namespace
 
 SecurePaymentConfirmationApp::SecurePaymentConfirmationApp(
+    const std::string& effective_relying_party_identity,
     std::unique_ptr<SkBitmap> icon,
     const base::string16& label,
+    std::vector<std::unique_ptr<std::vector<uint8_t>>> credential_ids,
     const url::Origin& merchant_origin,
     const mojom::PaymentCurrencyAmountPtr& total,
-    const mojom::SecurePaymentConfirmationRequestPtr& request)
+    mojom::SecurePaymentConfirmationRequestPtr request,
+    std::unique_ptr<autofill::InternalAuthenticator> authenticator)
     : PaymentApp(/*icon_resource_id=*/0, PaymentApp::Type::INTERNAL),
+      effective_relying_party_identity_(effective_relying_party_identity),
       icon_(std::move(icon)),
       label_(label),
+      credential_ids_(std::move(credential_ids)),
       merchant_origin_(merchant_origin),
       total_(total.Clone()),
-      request_(request.Clone()) {
+      request_(std::move(request)),
+      authenticator_(std::move(authenticator)) {
+  DCHECK(!credential_ids_.empty());
+  DCHECK(credential_ids_.front());
+  DCHECK(!credential_ids_.front()->empty());
+
   app_method_names_.insert(methods::kSecurePaymentConfirmation);
 }
 
 SecurePaymentConfirmationApp::~SecurePaymentConfirmationApp() = default;
 
 void SecurePaymentConfirmationApp::InvokePaymentApp(Delegate* delegate) {
+  std::vector<device::PublicKeyCredentialDescriptor> credentials;
+  for (const auto& credential_id : credential_ids_) {
+    credentials.emplace_back(device::CredentialType::kPublicKey, *credential_id,
+                             base::flat_set<device::FidoTransportProtocol>{
+                                 device::FidoTransportProtocol::kInternal});
+  }
+
+  auto options = blink::mojom::PublicKeyCredentialRequestOptions::New();
+  options->relying_party_id = effective_relying_party_identity_;
+  options->timeout = request_->timeout.has_value()
+                         ? request_->timeout.value()
+                         : base::TimeDelta::FromMinutes(kDefaultTimeoutMinutes);
+  options->user_verification = device::UserVerificationRequirement::kRequired;
+  options->allow_credentials = std::move(credentials);
+
   // TODO(https://crbug.com/1110324): Combine |merchant_origin_|, |total_|, and
-  // |request_| into a challenge to invoke WebAuthn.
+  // |request_->network_data| into a challenge to invoke the authenticator.
+  options->challenge = request_->network_data;
+
+  // We are nullifying the security check by design, and the origin that created
+  // the credential isn't saved anywhere.
+  authenticator_->SetEffectiveOrigin(url::Origin::Create(
+      GURL(base::StrCat({url::kHttpsScheme, url::kStandardSchemeSeparator,
+                         effective_relying_party_identity_}))));
+
+  authenticator_->GetAssertion(
+      std::move(options),
+      base::BindOnce(&SecurePaymentConfirmationApp::OnGetAssertion,
+                     weak_ptr_factory_.GetWeakPtr(), delegate));
 }
 
 bool SecurePaymentConfirmationApp::IsCompleteForPayment() const {
@@ -127,7 +178,26 @@ void SecurePaymentConfirmationApp::OnPaymentDetailsNotUpdated() {
 
 void SecurePaymentConfirmationApp::AbortPaymentApp(
     base::OnceCallback<void(bool)> abort_callback) {
+  authenticator_->Cancel();
   std::move(abort_callback).Run(/*abort_success=*/true);
 }
 
+void SecurePaymentConfirmationApp::OnGetAssertion(
+    Delegate* delegate,
+    blink::mojom::AuthenticatorStatus status,
+    blink::mojom::GetAssertionAuthenticatorResponsePtr response) {
+  if (status != blink::mojom::AuthenticatorStatus::SUCCESS) {
+    delegate->OnInstrumentDetailsError("Authentication failure.");
+    return;
+  }
+
+  // TODO(https://crbug.com/1110324): Serialize response into a JSON string.
+  // Browser will pass this string over Mojo IPC into Blink, which will parse it
+  // into a JavaScript object for the merchant.
+  std::string json_serialized_response = "{\"status\": \"success\"}";
+
+  delegate->OnInstrumentDetailsReady(methods::kSecurePaymentConfirmation,
+                                     json_serialized_response, PayerData());
+}
+
 }  // namespace payments

components/payments/content/secure_payment_confirmation_app.h

@@ -16,20 +16,28 @@
 #include "base/strings/string16.h"
 #include "components/payments/content/secure_payment_confirmation_controller.h"
 #include "third_party/blink/public/mojom/payments/payment_request.mojom.h"
+#include "third_party/blink/public/mojom/webauthn/authenticator.mojom.h"
 #include "url/origin.h"
 
 class SkBitmap;
 
+namespace autofill {
+class InternalAuthenticator;
+}  // namespace autofill
+
 namespace payments {
 
 class SecurePaymentConfirmationApp : public PaymentApp {
  public:
   SecurePaymentConfirmationApp(
+      const std::string& effective_relying_party_identity,
       std::unique_ptr<SkBitmap> icon,
       const base::string16& label,
+      std::vector<std::unique_ptr<std::vector<uint8_t>>> credential_ids,
       const url::Origin& merchant_origin,
       const mojom::PaymentCurrencyAmountPtr& total,
-      const mojom::SecurePaymentConfirmationRequestPtr& request);
+      mojom::SecurePaymentConfirmationRequestPtr request,
+      std::unique_ptr<autofill::InternalAuthenticator> authenticator);
   ~SecurePaymentConfirmationApp() override;
 
   SecurePaymentConfirmationApp(const SecurePaymentConfirmationApp& other) =
@@ -66,11 +74,19 @@ class SecurePaymentConfirmationApp : public PaymentApp {
   void AbortPaymentApp(base::OnceCallback<void(bool)> abort_callback) override;
 
  private:
+  void OnGetAssertion(
+      Delegate* delegate,
+      blink::mojom::AuthenticatorStatus status,
+      blink::mojom::GetAssertionAuthenticatorResponsePtr response);
+
+  const std::string effective_relying_party_identity_;
   const std::unique_ptr<SkBitmap> icon_;
   const base::string16 label_;
+  const std::vector<std::unique_ptr<std::vector<uint8_t>>> credential_ids_;
   const url::Origin merchant_origin_;
   const mojom::PaymentCurrencyAmountPtr total_;
   const mojom::SecurePaymentConfirmationRequestPtr request_;
+  const std::unique_ptr<autofill::InternalAuthenticator> authenticator_;
 
   base::WeakPtrFactory<SecurePaymentConfirmationApp> weak_ptr_factory_{this};
 };

components/payments/content/secure_payment_confirmation_app_factory.cc

@@ -4,17 +4,92 @@
 
 #include "components/payments/content/secure_payment_confirmation_app_factory.h"
 
+#include <stdint.h>
 #include <memory>
+#include <string>
+#include <utility>
+#include <vector>
 
 #include "base/stl_util.h"
 #include "base/strings/utf_string_conversions.h"
+#include "base/time/time.h"
+#include "components/autofill/core/browser/payments/internal_authenticator.h"
+#include "components/payments/content/payment_manifest_web_data_service.h"
 #include "components/payments/content/payment_request_spec.h"
 #include "components/payments/content/secure_payment_confirmation_app.h"
 #include "components/payments/core/method_strings.h"
+#include "components/payments/core/native_error_strings.h"
 #include "third_party/blink/public/mojom/payments/payment_request.mojom.h"
 #include "url/origin.h"
 
 namespace payments {
+namespace {
+
+// Arbitrarily chosen limit of 1 hour. Keep in sync with
+// secure_payment_confirmation_helper.cc.
+constexpr int64_t kMaxTimeoutInMilliseconds = 1000 * 60 * 60;
+
+bool IsValid(const mojom::SecurePaymentConfirmationRequestPtr& request,
+             std::string* error_message) {
+  // |request| can be null when the feature is disabled in Blink.
+  if (!request)
+    return false;
+
+  if (request->instrument_id.empty()) {
+    *error_message = errors::kInstrumentIdRequired;
+    return false;
+  }
+
+  if (request->timeout.has_value() &&
+      request->timeout.value().InMilliseconds() > kMaxTimeoutInMilliseconds) {
+    *error_message = errors::kTimeoutTooLong;
+    return false;
+  }
+
+  return true;
+}
+
+void OnIsUserVerifyingPlatformAuthenticatorAvailable(
+    base::WeakPtr<PaymentAppFactory::Delegate> delegate,
+    mojom::SecurePaymentConfirmationRequestPtr request,
+    std::unique_ptr<autofill::InternalAuthenticator> authenticator,
+    bool is_available) {
+  if (!delegate)
+    return;
+
+  if (!is_available) {
+    delegate->OnDoneCreatingPaymentApps();
+    return;
+  }
+
+  scoped_refptr<payments::PaymentManifestWebDataService> web_data_service =
+      delegate->GetPaymentManifestWebDataService();
+  if (!web_data_service) {
+    delegate->OnDoneCreatingPaymentApps();
+    return;
+  }
+
+  // TODO(https://crbug.com/1110324): Check |web_data_service| for whether
+  // |request->instrument_id| has any credentials on this device. If so,
+  // retrieve the instrument information from |web_data_service| and use these
+  // values to create a SecurePaymentConfirmationApp. For now, use stubs.
+  std::string effective_relying_party_identity = "rp.example";
+  std::unique_ptr<SkBitmap> icon;
+  base::string16 label = base::ASCIIToUTF16("Stub label");
+  std::vector<std::unique_ptr<std::vector<uint8_t>>> credential_ids;
+  credential_ids.emplace_back(std::make_unique<std::vector<uint8_t>>());
+  credential_ids.back()->push_back(0);
+
+  delegate->OnPaymentAppCreated(std::make_unique<SecurePaymentConfirmationApp>(
+      effective_relying_party_identity, std::move(icon), label,
+      std::move(credential_ids),
+      /*merchant_origin=*/url::Origin::Create(delegate->GetTopOrigin()),
+      /*total=*/delegate->GetSpec()->details().total->amount,
+      std::move(request), std::move(authenticator)));
+  delegate->OnDoneCreatingPaymentApps();
+}
+
+}  // namespace
 
 SecurePaymentConfirmationAppFactory::SecurePaymentConfirmationAppFactory()
     : PaymentAppFactory(PaymentApp::Type::INTERNAL) {}
@@ -32,23 +107,24 @@ void SecurePaymentConfirmationAppFactory::Create(
   }
 
   for (const mojom::PaymentMethodDataPtr& method_data : spec->method_data()) {
-    if (method_data->supported_method == methods::kSecurePaymentConfirmation &&
-        method_data->secure_payment_confirmation) {
-      // TODO(https://crbug.com/1110324): Check storage for whether
-      // |method_data->secure_payment_confirmation->instrument_id| has any
-      // credentials on this device. If so, retrieve the instrument icon and
-      // label from storage and use these values to create a
-      // SecurePaymentConfirmationApp.
-
-      // A stub payment app that contains the secure payment confirmation
-      // request, but does not yet invoke WebAuthn at this time.
-      delegate->OnPaymentAppCreated(
-          std::make_unique<SecurePaymentConfirmationApp>(
-              /*icon=*/nullptr, /*label=*/base::ASCIIToUTF16("Stub label"),
-              /*merchant_origin=*/url::Origin::Create(delegate->GetTopOrigin()),
-              /*total=*/spec->details().total->amount,
-              /*request=*/method_data->secure_payment_confirmation));
-      break;
+    if (method_data->supported_method == methods::kSecurePaymentConfirmation) {
+      std::string error_message;
+      if (!IsValid(method_data->secure_payment_confirmation, &error_message)) {
+        if (!error_message.empty())
+          delegate->OnPaymentAppCreationError(error_message);
+        delegate->OnDoneCreatingPaymentApps();
+        return;
+      }
+
+      std::unique_ptr<autofill::InternalAuthenticator> authenticator =
+          delegate->CreateInternalAuthenticator();
+
+      authenticator->IsUserVerifyingPlatformAuthenticatorAvailable(
+          base::BindOnce(&OnIsUserVerifyingPlatformAuthenticatorAvailable,
+                         delegate,
+                         method_data->secure_payment_confirmation.Clone(),
+                         std::move(authenticator)));
+      return;
     }
   }
 

components/payments/content/secure_payment_confirmation_payment_request_delegate.cc

@@ -29,6 +29,12 @@ SecurePaymentConfirmationPaymentRequestDelegate::
 SecurePaymentConfirmationPaymentRequestDelegate::
     ~SecurePaymentConfirmationPaymentRequestDelegate() = default;
 
+std::unique_ptr<autofill::InternalAuthenticator>
+SecurePaymentConfirmationPaymentRequestDelegate::CreateInternalAuthenticator(
+    content::RenderFrameHost* rfh) const {
+  return delegate_->CreateInternalAuthenticator(rfh);
+}
+
 scoped_refptr<PaymentManifestWebDataService>
 SecurePaymentConfirmationPaymentRequestDelegate::
     GetPaymentManifestWebDataService() const {

components/payments/content/secure_payment_confirmation_payment_request_delegate.h

@@ -29,6 +29,8 @@ class SecurePaymentConfirmationPaymentRequestDelegate
       const SecurePaymentConfirmationPaymentRequestDelegate& other) = delete;
 
   // ContentPaymentRequestDelegate implementation:
+  std::unique_ptr<autofill::InternalAuthenticator> CreateInternalAuthenticator(
+      content::RenderFrameHost* rfh) const override;
   scoped_refptr<PaymentManifestWebDataService>
   GetPaymentManifestWebDataService() const override;
   PaymentRequestDisplayManager* GetDisplayManager() override;

components/payments/content/test_content_payment_request_delegate.cc

@@ -15,6 +15,12 @@ TestContentPaymentRequestDelegate::TestContentPaymentRequestDelegate(
 
 TestContentPaymentRequestDelegate::~TestContentPaymentRequestDelegate() {}
 
+std::unique_ptr<autofill::InternalAuthenticator>
+TestContentPaymentRequestDelegate::CreateInternalAuthenticator(
+    content::RenderFrameHost* rfh) const {
+  return nullptr;
+}
+
 scoped_refptr<PaymentManifestWebDataService>
 TestContentPaymentRequestDelegate::GetPaymentManifestWebDataService() const {
   return nullptr;

components/payments/content/test_content_payment_request_delegate.h

@@ -22,6 +22,8 @@ class TestContentPaymentRequestDelegate : public ContentPaymentRequestDelegate {
   ~TestContentPaymentRequestDelegate() override;
 
   // ContentPaymentRequestDelegate:
+  std::unique_ptr<autofill::InternalAuthenticator> CreateInternalAuthenticator(
+      content::RenderFrameHost* rfh) const override;
   scoped_refptr<PaymentManifestWebDataService>
   GetPaymentManifestWebDataService() const override;
   PaymentRequestDisplayManager* GetDisplayManager() override;

components/payments/core/native_error_strings.cc

@@ -210,5 +210,13 @@ const char kMoreThanOneService[] =
     "Found more than one IS_READY_TO_PAY service, but at most one service is "
     "supported.";
 
+const char kInstrumentIdRequired[] =
+    "The \"secure-payment-confirmation\" method requires a non-empty "
+    "\"instrumentId\" field.";
+
+const char kTimeoutTooLong[] =
+    "The \"secure-payment-confirmation\" method requires at most 1 hour "
+    "\"timeout\" field.";
+
 }  // namespace errors
 }  // namespace payments

components/payments/core/native_error_strings.h

@@ -237,6 +237,14 @@ extern const char kUserClosedPaymentApp[];
 // Used when an Android app declares more than one IS_READY_TO_PAY service.
 extern const char kMoreThanOneService[];
 
+// Used when an empty instrument ID is specified for the
+// "secure-payment-confirmation" method.
+extern const char kInstrumentIdRequired[];
+
+// Used when the timeout specified for the "secure-payment-confirmation" method
+// is too long.
+extern const char kTimeoutTooLong[];
+
 }  // namespace errors
 }  // namespace payments
 

third_party/blink/renderer/modules/payments/secure_payment_confirmation_helper.cc

@@ -15,7 +15,8 @@
 namespace blink {
 namespace {
 
-// Arbitrarily chosen limit of 1 hour.
+// Arbitrarily chosen limit of 1 hour. Keep in sync with
+// secure_payment_confirmation_app_factory.cc.
 constexpr uint32_t kMaxTimeoutInMilliseconds = 1000 * 60 * 60;
 
 }  // namespace