Simplify SSL client certificate selector logic

We currently have a C++ views object owning an Cocoa object which then owns a bridge back into some other C++ interfaces. We can simplify this by having the top-level C++ object handle those interfaces and leave the Cocoa object to purely manage the SFChooseIdentityPanel. This doesn't fix the https://crbug.com/987744 but is some cleanup along the way. Before we add more cases to that logic, reduce the number of places we spread that logic out. This does result in some RunUntilIdle() calls in the tests no longer quite waiting long enough, I suspect because the Cocoa event loop is involved. I've switched them to specifically wait for the relevant object to be destroyed, which seems more robust in general. It seems that was also the cause of the lifetime mismatch in https://crbug.com/1041175 so now we don't need a WeakPtr. Unfortunately the diff here is kind of hard to read. I had to reorder some of the classes so they could refer to each other. (Note the old bridge object was similarly interleaved between the @interface and @implementation.) Bug: 987744, 1041175 Change-Id: Icccc9e18cdfc64444a6496748dc106be6233896a Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1978946 Commit-Queue: David Benjamin <davidben@chromium.org> Reviewed-by: Ryan Sleevi <rsleevi@chromium.org> Reviewed-by: Elly Fong-Jones <ellyjones@chromium.org> Cr-Commit-Position: refs/heads/master@{#734237}

Simplify SSL client certificate selector logic
We currently have a C++ views object owning an Cocoa object which then owns a bridge back into some other C++ interfaces. We can simplify this by having the top-level C++ object handle those interfaces and leave the Cocoa object to purely manage the SFChooseIdentityPanel. This doesn't fix the https://crbug.com/987744 but is some cleanup along the way. Before we add more cases to that logic, reduce the number of places we spread that logic out. This does result in some RunUntilIdle() calls in the tests no longer quite waiting long enough, I suspect because the Cocoa event loop is involved. I've switched them to specifically wait for the relevant object to be destroyed, which seems more robust in general. It seems that was also the cause of the lifetime mismatch in https://crbug.com/1041175 so now we don't need a WeakPtr. Unfortunately the diff here is kind of hard to read. I had to reorder some of the classes so they could refer to each other. (Note the old bridge object was similarly interleaved between the @interface and @implementation.) Bug: 987744, 1041175 Change-Id: Icccc9e18cdfc64444a6496748dc106be6233896a Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1978946 Commit-Queue: David Benjamin <davidben@chromium.org> Reviewed-by: Ryan Sleevi <rsleevi@chromium.org> Reviewed-by: Elly Fong-Jones <ellyjones@chromium.org> Cr-Commit-Position: refs/heads/master@{#734237}
9740f4b3 · David Benjamin · Commit Bot · e06316c0 · 9740f4b3 · 9740f4b3
Commit 9740f4b3 authored Jan 22, 2020 by David Benjamin Committed by Commit Bot Jan 22, 2020
4 changed files
--- a/chrome/browser/ssl/ssl_client_auth_observer.cc
+++ b/chrome/browser/ssl/ssl_client_auth_observer.cc
@@ -21,9 +21,17 @@ SSLClientAuthObserver::SSLClientAuthObserver(
    std::unique_ptr<content::ClientCertificateDelegate> delegate)
    : browser_context_(browser_context),
      cert_request_info_(cert_request_info),
-      delegate_(std::move(delegate)) {}
+      delegate_(std::move(delegate)) {
+  DCHECK(delegate_);
+}

 SSLClientAuthObserver::~SSLClientAuthObserver() {
+  // The caller is required to explicitly stop observing, but call
+  // StopObserving() anyway to avoid a dangling pointer. (StopObserving() is
+  // idempotent, so it may be called multiple times.)
+  DCHECK_CURRENTLY_ON(BrowserThread::UI);
+  DCHECK_EQ(0u, GetActiveObservers().count(this));
+  StopObserving();
 }

 void SSLClientAuthObserver::CertificateSelected(

--- a/chrome/browser/ssl/ssl_client_auth_observer.h
+++ b/chrome/browser/ssl/ssl_client_auth_observer.h
@@ -46,10 +46,13 @@ class SSLClientAuthObserver {
  // Cancels the certificate selection and aborts the request.
  void CancelCertificateSelection();

-  // Begins observing notifications from other SSLClientAuthHandler instances.
+  // Begins observing notifications from other SSLClientAuthObserver instances.
  // If another instance chooses a cert for a matching SSLCertRequestInfo, we
  // will also use the same cert and OnCertSelectedByNotification will be called
  // so that the cert selection UI can be closed.
+  //
+  // The caller must call CertificateSelected(), CancelCertificateSelection(),
+  // or StopObserving() before the SSLClientAuthObserver is destroyed.
  void StartObserving();

  // Stops observing notifications.  We will no longer act on client auth

--- a/chrome/browser/ui/views/ssl_client_certificate_selector_mac.mm
+++ b/chrome/browser/ui/views/ssl_client_certificate_selector_mac.mm
--- a/chrome/browser/ui/views/ssl_client_certificate_selector_mac_browsertest.mm
+++ b/chrome/browser/ui/views/ssl_client_certificate_selector_mac_browsertest.mm