Create chrome_enterprise_url_lookup_service and its factory.

This CL creates classes for enterprise real time URL lookup.
chrome_content_browser_client injects an enterprise or consumer real
time URL object based on the type of the user.

A feature flag SafeBrowsingRealTimeUrlLookupEnabledForEnterprise is
also added in this CL. It is disabled by default.

The implementation for StartLookup will be added in a future CL. The
enterprise policy for real time URL check will also be added in a
future CL.

Bug: 1085261
Change-Id: I3741bbcb326c6f17e3bc95b45f1366874e97a98e
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2234794
Commit-Queue: Xinghui Lu <xinghuilu@chromium.org>
Reviewed-by: Sergey Poromov <poromov@chromium.org>
Reviewed-by: Varun Khaneja <vakh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#776344}

chrome/browser/chrome_content_browser_client.cc

@@ -115,6 +115,8 @@
 #include "chrome/browser/resource_coordinator/background_tab_navigation_throttle.h"
 #include "chrome/browser/safe_browsing/certificate_reporting_service.h"
 #include "chrome/browser/safe_browsing/certificate_reporting_service_factory.h"
+#include "chrome/browser/safe_browsing/chrome_enterprise_url_lookup_service.h"
+#include "chrome/browser/safe_browsing/chrome_enterprise_url_lookup_service_factory.h"
 #include "chrome/browser/safe_browsing/cloud_content_scanning/deep_scanning_utils.h"
 #include "chrome/browser/safe_browsing/delayed_warning_navigation_throttle.h"
 #include "chrome/browser/safe_browsing/safe_browsing_navigation_throttle.h"
@@ -447,6 +449,7 @@
 #include "chrome/browser/devtools/chrome_devtools_manager_delegate.h"
 #include "chrome/browser/devtools/devtools_window.h"
 #include "chrome/browser/media/unified_autoplay_config.h"
+#include "chrome/browser/safe_browsing/dm_token_utils.h"
 #include "chrome/browser/search/instant_service.h"
 #include "chrome/browser/search/instant_service_factory.h"
 #include "chrome/browser/serial/chrome_serial_delegate.h"
@@ -4329,16 +4332,27 @@ ChromeContentBrowserClient::CreateURLLoaderThrottles(
       request.url, *profile->GetPrefs());
   if (!matches_enterprise_whitelist) {
     // |url_lookup_service| is used when real time url check is enabled.
-    safe_browsing::RealTimeUrlLookupServiceBase* url_lookup_service =
-        // |safe_browsing_service_| may be unavailable in tests.
-        safe_browsing_service_ &&
-                safe_browsing::RealTimePolicyEngine::CanPerformFullURLLookup(
-                    profile->GetPrefs(), profile->IsOffTheRecord(),
-                    g_browser_process->variations_service())
-            ? safe_browsing::RealTimeUrlLookupServiceFactory::GetForProfile(
-                  profile)
-            : nullptr;
+    safe_browsing::RealTimeUrlLookupServiceBase* url_lookup_service = nullptr;
+
+#if BUILDFLAG(SAFE_BROWSING_DB_LOCAL)
+    if (safe_browsing::RealTimePolicyEngine::CanPerformEnterpriseFullURLLookup(
+            safe_browsing::GetDMToken(profile).is_valid(),
+            profile->IsOffTheRecord())) {
+      url_lookup_service =
+          safe_browsing::ChromeEnterpriseRealTimeUrlLookupServiceFactory::
+              GetForProfile(profile);
+    }
+#endif
 
+    // |safe_browsing_service_| may be unavailable in tests.
+    if (!url_lookup_service && safe_browsing_service_ &&
+        safe_browsing::RealTimePolicyEngine::CanPerformFullURLLookup(
+            profile->GetPrefs(), profile->IsOffTheRecord(),
+            g_browser_process->variations_service())) {
+      url_lookup_service =
+          safe_browsing::RealTimeUrlLookupServiceFactory::GetForProfile(
+              profile);
+    }
     result.push_back(safe_browsing::BrowserURLLoaderThrottle::Create(
         base::BindOnce(
             &ChromeContentBrowserClient::GetSafeBrowsingUrlCheckerDelegate,

chrome/browser/safe_browsing/BUILD.gn

@@ -242,6 +242,8 @@ static_library("safe_browsing") {
       ]
       deps += [
         ":advanced_protection",
+        ":chrome_enterprise_url_lookup_service",
+        ":chrome_enterprise_url_lookup_service_factory",
         "//chrome/common/safe_browsing:archive_analyzer_results",
         "//chrome/common/safe_browsing:binary_feature_extractor",
         "//chrome/common/safe_browsing:disk_image_type_sniffer_mac",
@@ -278,6 +280,36 @@ static_library("safe_browsing") {
   }
 }
 
+source_set("chrome_enterprise_url_lookup_service_factory") {
+  sources = [
+    "chrome_enterprise_url_lookup_service_factory.cc",
+    "chrome_enterprise_url_lookup_service_factory.h",
+  ]
+
+  deps = [
+    ":chrome_enterprise_url_lookup_service",
+    ":verdict_cache_manager_factory",
+    "//chrome/common",
+    "//components/keyed_service/content",
+    "//content/public/browser",
+  ]
+}
+
+source_set("chrome_enterprise_url_lookup_service") {
+  sources = [
+    "chrome_enterprise_url_lookup_service.cc",
+    "chrome_enterprise_url_lookup_service.h",
+  ]
+
+  deps = [
+    "//components/safe_browsing/core:realtimeapi_proto",
+    "//components/safe_browsing/core:verdict_cache_manager",
+    "//components/safe_browsing/core/realtime:policy_engine",
+    "//components/safe_browsing/core/realtime:url_lookup_service_base",
+    "//services/network/public/cpp:cpp",
+  ]
+}
+
 source_set("url_lookup_service_factory") {
   sources = [
     "url_lookup_service_factory.cc",

chrome/browser/safe_browsing/chrome_enterprise_url_lookup_service.cc

+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/safe_browsing/chrome_enterprise_url_lookup_service.h"
+
+#include "base/callback.h"
+#include "chrome/browser/profiles/profile.h"
+#include "chrome/browser/safe_browsing/dm_token_utils.h"
+#include "components/policy/core/common/cloud/dm_token.h"
+#include "components/safe_browsing/core/proto/realtimeapi.pb.h"
+#include "components/safe_browsing/core/realtime/policy_engine.h"
+#include "components/safe_browsing/core/realtime/url_lookup_service_base.h"
+#include "components/safe_browsing/core/verdict_cache_manager.h"
+#include "services/network/public/cpp/shared_url_loader_factory.h"
+#include "url/gurl.h"
+
+namespace safe_browsing {
+
+ChromeEnterpriseRealTimeUrlLookupService::
+    ChromeEnterpriseRealTimeUrlLookupService(
+        scoped_refptr<network::SharedURLLoaderFactory> url_loader_factory,
+        VerdictCacheManager* cache_manager,
+        Profile* profile)
+    : RealTimeUrlLookupServiceBase(cache_manager),
+      url_loader_factory_(url_loader_factory),
+      profile_(profile) {}
+
+ChromeEnterpriseRealTimeUrlLookupService::
+    ~ChromeEnterpriseRealTimeUrlLookupService() = default;
+
+void ChromeEnterpriseRealTimeUrlLookupService::StartLookup(
+    const GURL& url,
+    RTLookupRequestCallback request_callback,
+    RTLookupResponseCallback response_callback) {
+  // TODO(crbug.com/1085261): Implement this method.
+}
+
+bool ChromeEnterpriseRealTimeUrlLookupService::CanPerformFullURLLookup() const {
+  return RealTimePolicyEngine::CanPerformEnterpriseFullURLLookup(
+      GetDMToken().is_valid(), profile_->IsOffTheRecord());
+}
+
+bool ChromeEnterpriseRealTimeUrlLookupService::CanCheckSubresourceURL() const {
+  return false;
+}
+
+policy::DMToken ChromeEnterpriseRealTimeUrlLookupService::GetDMToken() const {
+  return ::safe_browsing::GetDMToken(profile_);
+}
+
+}  // namespace safe_browsing

chrome/browser/safe_browsing/chrome_enterprise_url_lookup_service.h

+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_SAFE_BROWSING_CHROME_ENTERPRISE_URL_LOOKUP_SERVICE_H_
+#define CHROME_BROWSER_SAFE_BROWSING_CHROME_ENTERPRISE_URL_LOOKUP_SERVICE_H_
+
+#include <memory>
+#include <string>
+
+#include "components/safe_browsing/core/realtime/url_lookup_service_base.h"
+#include "url/gurl.h"
+
+namespace network {
+class SharedURLLoaderFactory;
+}  // namespace network
+
+namespace policy {
+class DMToken;
+}  // namespace policy
+
+class Profile;
+
+namespace safe_browsing {
+
+// This class implements the real time lookup feature for a given user/profile.
+// It is separated from the base class for logic that is related to enterprise
+// users.(See: go/chrome-protego-enterprise-dd)
+class ChromeEnterpriseRealTimeUrlLookupService
+    : public RealTimeUrlLookupServiceBase {
+ public:
+  ChromeEnterpriseRealTimeUrlLookupService(
+      scoped_refptr<network::SharedURLLoaderFactory> url_loader_factory,
+      VerdictCacheManager* cache_manager,
+      Profile* profile);
+  ~ChromeEnterpriseRealTimeUrlLookupService() override;
+
+  // RealTimeUrlLookupServiceBase:
+  bool CanPerformFullURLLookup() const override;
+
+  bool CanCheckSubresourceURL() const override;
+
+  void StartLookup(const GURL& url,
+                   RTLookupRequestCallback request_callback,
+                   RTLookupResponseCallback response_callback) override;
+
+ private:
+  policy::DMToken GetDMToken() const;
+
+  // The URLLoaderFactory we use to issue network requests.
+  scoped_refptr<network::SharedURLLoaderFactory> url_loader_factory_;
+
+  // Unowned object used for checking profile based settings.
+  Profile* profile_;
+
+  base::WeakPtrFactory<ChromeEnterpriseRealTimeUrlLookupService> weak_factory_{
+      this};
+
+  DISALLOW_COPY_AND_ASSIGN(ChromeEnterpriseRealTimeUrlLookupService);
+
+};  // class ChromeEnterpriseRealTimeUrlLookupService
+
+}  // namespace safe_browsing
+
+#endif  // CHROME_BROWSER_SAFE_BROWSING_CHROME_ENTERPRISE_URL_LOOKUP_SERVICE_H_

chrome/browser/safe_browsing/chrome_enterprise_url_lookup_service_factory.cc

+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/safe_browsing/chrome_enterprise_url_lookup_service_factory.h"
+
+#include "chrome/browser/browser_process.h"
+#include "chrome/browser/profiles/profile.h"
+#include "chrome/browser/safe_browsing/chrome_enterprise_url_lookup_service.h"
+#include "chrome/browser/safe_browsing/safe_browsing_service.h"
+#include "chrome/browser/safe_browsing/verdict_cache_manager_factory.h"
+#include "components/keyed_service/content/browser_context_dependency_manager.h"
+#include "components/safe_browsing/core/verdict_cache_manager.h"
+#include "content/public/browser/browser_context.h"
+#include "services/network/public/cpp/cross_thread_pending_shared_url_loader_factory.h"
+
+namespace safe_browsing {
+
+// static
+ChromeEnterpriseRealTimeUrlLookupService*
+ChromeEnterpriseRealTimeUrlLookupServiceFactory::GetForProfile(
+    Profile* profile) {
+  return static_cast<ChromeEnterpriseRealTimeUrlLookupService*>(
+      GetInstance()->GetServiceForBrowserContext(profile, /* create= */ true));
+}
+
+// static
+ChromeEnterpriseRealTimeUrlLookupServiceFactory*
+ChromeEnterpriseRealTimeUrlLookupServiceFactory::GetInstance() {
+  return base::Singleton<
+      ChromeEnterpriseRealTimeUrlLookupServiceFactory>::get();
+}
+
+ChromeEnterpriseRealTimeUrlLookupServiceFactory::
+    ChromeEnterpriseRealTimeUrlLookupServiceFactory()
+    : BrowserContextKeyedServiceFactory(
+          "ChromeEnterpriseRealTimeUrlLookupService",
+          BrowserContextDependencyManager::GetInstance()) {
+  DependsOn(VerdictCacheManagerFactory::GetInstance());
+}
+
+KeyedService*
+ChromeEnterpriseRealTimeUrlLookupServiceFactory::BuildServiceInstanceFor(
+    content::BrowserContext* context) const {
+  if (!g_browser_process->safe_browsing_service()) {
+    return nullptr;
+  }
+  Profile* profile = Profile::FromBrowserContext(context);
+  auto url_loader_factory =
+      std::make_unique<network::CrossThreadPendingSharedURLLoaderFactory>(
+          g_browser_process->safe_browsing_service()->GetURLLoaderFactory());
+  return new ChromeEnterpriseRealTimeUrlLookupService(
+      network::SharedURLLoaderFactory::Create(std::move(url_loader_factory)),
+      VerdictCacheManagerFactory::GetForProfile(profile), profile);
+}
+
+}  // namespace safe_browsing

chrome/browser/safe_browsing/chrome_enterprise_url_lookup_service_factory.h

+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_SAFE_BROWSING_CHROME_ENTERPRISE_URL_LOOKUP_SERVICE_FACTORY_H_
+#define CHROME_BROWSER_SAFE_BROWSING_CHROME_ENTERPRISE_URL_LOOKUP_SERVICE_FACTORY_H_
+
+#include "base/memory/singleton.h"
+#include "components/keyed_service/content/browser_context_keyed_service_factory.h"
+
+class KeyedService;
+class Profile;
+
+namespace content {
+class BrowserContext;
+}
+
+namespace safe_browsing {
+
+class ChromeEnterpriseRealTimeUrlLookupService;
+
+// Singleton that owns ChromeEnterpriseRealTimeUrlLookupService objects, one for
+// each active Profile. It listens to profile destroy events and destroy its
+// associated service. It returns nullptr if the profile is in the Incognito
+// mode.
+class ChromeEnterpriseRealTimeUrlLookupServiceFactory
+    : public BrowserContextKeyedServiceFactory {
+ public:
+  // Creates the service if it doesn't exist already for the given |profile|.
+  // If the service already exists, return its pointer.
+  static ChromeEnterpriseRealTimeUrlLookupService* GetForProfile(
+      Profile* profile);
+
+  // Get the singleton instance.
+  static ChromeEnterpriseRealTimeUrlLookupServiceFactory* GetInstance();
+
+ private:
+  friend struct base::DefaultSingletonTraits<
+      ChromeEnterpriseRealTimeUrlLookupServiceFactory>;
+
+  ChromeEnterpriseRealTimeUrlLookupServiceFactory();
+  ~ChromeEnterpriseRealTimeUrlLookupServiceFactory() override = default;
+
+  // BrowserContextKeyedServiceFactory:
+  KeyedService* BuildServiceInstanceFor(
+      content::BrowserContext* context) const override;
+
+  DISALLOW_COPY_AND_ASSIGN(ChromeEnterpriseRealTimeUrlLookupServiceFactory);
+};
+
+}  // namespace safe_browsing
+#endif  // CHROME_BROWSER_SAFE_BROWSING_CHROME_ENTERPRISE_URL_LOOKUP_SERVICE_FACTORY_H_

components/safe_browsing/core/features.cc

@@ -69,6 +69,10 @@ const base::Feature kRealTimeUrlLookupEnabledForAllAndroidDevices{
     "SafeBrowsingRealTimeUrlLookupEnabledForAllAndroidDevices",
     base::FEATURE_DISABLED_BY_DEFAULT};
 
+const base::Feature kRealTimeUrlLookupEnabledForEnterprise{
+    "SafeBrowsingRealTimeUrlLookupEnabledForEnterprise",
+    base::FEATURE_DISABLED_BY_DEFAULT};
+
 const base::Feature kRealTimeUrlLookupEnabledForEP{
     "SafeBrowsingRealTimeUrlLookupEnabledForEP",
     base::FEATURE_ENABLED_BY_DEFAULT};
@@ -131,6 +135,7 @@ constexpr struct {
     {&kRealTimeUrlLookupEnabled, true},
     {&kRealTimeUrlLookupEnabledForAllAndroidDevices, true},
     {&kRealTimeUrlLookupEnabledForEP, true},
+    {&kRealTimeUrlLookupEnabledForEnterprise, true},
     {&kRealTimeUrlLookupEnabledForEPWithToken, true},
     {&kRealTimeUrlLookupEnabledWithToken, true},
     {&kRealTimeUrlLookupNonMainframeEnabledForEP, true},

components/safe_browsing/core/features.h

@@ -84,6 +84,12 @@ extern const base::Feature kRealTimeUrlLookupEnabled;
 // This flag is in effect only if |kRealTimeUrlLookupEnabled| is true.
 extern const base::Feature kRealTimeUrlLookupEnabledForAllAndroidDevices;
 
+// Controls whether to do real time URL lookup for enterprise users. If both
+// this feature and the enterprise policies are enabled, the enterprise real
+// time URL lookup will be enabled and the consumer real time URL lookup will be
+// disabled.
+extern const base::Feature kRealTimeUrlLookupEnabledForEnterprise;
+
 // Controls whether the real time URL lookup is enabled for Enhanced Protection
 // users.
 extern const base::Feature kRealTimeUrlLookupEnabledForEP;

components/safe_browsing/core/realtime/policy_engine.cc

@@ -157,6 +157,26 @@ bool RealTimePolicyEngine::CanPerformFullURLLookupWithToken(
          !sync_service->GetUserSettings()->IsUsingSecondaryPassphrase();
 }
 
+// static
+bool RealTimePolicyEngine::CanPerformEnterpriseFullURLLookup(
+    bool has_valid_dm_token,
+    bool is_off_the_record) {
+  if (is_off_the_record) {
+    return false;
+  }
+
+  if (!base::FeatureList::IsEnabled(kRealTimeUrlLookupEnabledForEnterprise)) {
+    return false;
+  }
+
+  if (!has_valid_dm_token) {
+    return false;
+  }
+
+  // TODO(crbug.com/1085261): Check the enterprise real time URL check policy.
+  return false;
+}
+
 // static
 bool RealTimePolicyEngine::CanPerformFullURLLookupForResourceType(
     ResourceType resource_type,

components/safe_browsing/core/realtime/policy_engine.h

@@ -69,6 +69,9 @@ class RealTimePolicyEngine {
       signin::IdentityManager* identity_manager,
       variations::VariationsService* variations_service);
 
+  static bool CanPerformEnterpriseFullURLLookup(bool has_valid_dm_token,
+                                                bool is_off_the_record);
+
   friend class SafeBrowsingService;
   friend class SafeBrowsingUIHandler;
 

components/safe_browsing/core/realtime/policy_engine_unittest.cc

@@ -53,6 +53,12 @@ class RealTimePolicyEngineTest : public PlatformTest {
         /*variations_service=*/nullptr);
   }
 
+  bool CanPerformEnterpriseFullURLLookup(bool has_valid_dm_token,
+                                         bool is_off_the_record) {
+    return RealTimePolicyEngine::CanPerformEnterpriseFullURLLookup(
+        has_valid_dm_token, is_off_the_record);
+  }
+
   bool IsInExcludedCountry(const std::string& country_code) {
     return RealTimePolicyEngine::IsInExcludedCountry(country_code);
   }
@@ -328,6 +334,30 @@ TEST_F(RealTimePolicyEngineTest,
       /*is_off_the_record=*/false, &sync_service, identity_manager));
 }
 
+TEST_F(RealTimePolicyEngineTest, TestCanPerformEnterpriseFullURLLookup) {
+  // Is off the record profile.
+  {
+    base::test::ScopedFeatureList feature_list;
+    feature_list.InitAndEnableFeature(kRealTimeUrlLookupEnabledForEnterprise);
+    EXPECT_FALSE(CanPerformEnterpriseFullURLLookup(/*has_valid_dm_token=*/true,
+                                                   /*is_off_the_record=*/true));
+  }
+  // Feature flag disabled.
+  {
+    base::test::ScopedFeatureList feature_list;
+    feature_list.InitAndDisableFeature(kRealTimeUrlLookupEnabledForEnterprise);
+    EXPECT_FALSE(CanPerformEnterpriseFullURLLookup(
+        /*has_valid_dm_token=*/true, /*is_off_the_record=*/false));
+  }
+  // No valid DM token.
+  {
+    base::test::ScopedFeatureList feature_list;
+    feature_list.InitAndEnableFeature(kRealTimeUrlLookupEnabledForEnterprise);
+    EXPECT_FALSE(CanPerformEnterpriseFullURLLookup(
+        /*has_valid_dm_token=*/false, /*is_off_the_record=*/false));
+  }
+}
+
 TEST_F(
     RealTimePolicyEngineTest,
     TestCanPerformFullURLLookup_EnabledMainFrameOnlyForSubresourceDisabledUser) {