// Copyright 2020 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef SYSTEM_PROXY_SYSTEM_PROXY_ADAPTOR_H_
#define SYSTEM_PROXY_SYSTEM_PROXY_ADAPTOR_H_

#include <memory>
#include <string>
#include <vector>

#include <base/memory/weak_ptr.h>
#include <brillo/dbus/async_event_sequencer.h>
#include <brillo/http/http_proxy.h>
#include <gtest/gtest_prod.h>  // for FRIEND_TEST
#include <patchpanel/proto_bindings/patchpanel_service.pb.h>

#include "bindings/worker_common.pb.h"
#include "system_proxy/org.chromium.SystemProxy.h"
#include "system_proxy/proto_bindings/system_proxy_service.pb.h"

namespace brillo {
namespace dbus_utils {
class DBusObject;
}

}  // namespace brillo

namespace system_proxy {

class KerberosClient;
class SandboxedWorker;

// Implementation of the SystemProxy D-Bus interface.
class SystemProxyAdaptor : public org::chromium::SystemProxyAdaptor,
                           public org::chromium::SystemProxyInterface {
 public:
  explicit SystemProxyAdaptor(
      std::unique_ptr<brillo::dbus_utils::DBusObject> dbus_object);
  SystemProxyAdaptor(const SystemProxyAdaptor&) = delete;
  SystemProxyAdaptor& operator=(const SystemProxyAdaptor&) = delete;
  virtual ~SystemProxyAdaptor();

  // Registers the D-Bus object and interfaces.
  void RegisterAsync(
      const brillo::dbus_utils::AsyncEventSequencer::CompletionAction&
          completion_callback);

  // org::chromium::SystemProxyInterface: (see org.chromium.SystemProxy.xml).
  std::vector<uint8_t> SetAuthenticationDetails(
      const std::vector<uint8_t>& request_blob) override;
  std::vector<uint8_t> ShutDown() override;
  std::vector<uint8_t> ClearUserCredentials(
      const std::vector<uint8_t>& request_blob) override;
  std::vector<uint8_t> ShutDownProcess(
      const std::vector<uint8_t>& request_blob) override;

  void GetChromeProxyServersAsync(
      const std::string& target_url,
      const brillo::http::GetChromeProxyServersCallback& callback);

  void RequestAuthenticationCredentials(
      const worker::ProtectionSpace& protection_space);
  // Returns true if |proxy| points to one of the local proxy workers. The
  // method only matches against host and port, but not scheme.
  // TODO(acostinas, crbug.com/1109207) Add an option to the proxy resolution
  // service in Chrome that allows fetching only the addresses of "real"
  // proxies.
  bool IsLocalProxy(const std::string& proxy);

 protected:
  virtual std::unique_ptr<SandboxedWorker> CreateWorker();
  virtual void ConnectNamespace(bool user_traffic);
  // Triggers the |WorkerActive| signal.
  void OnNamespaceConnected(SandboxedWorker* worker, bool user_traffic);
  // Returns a pointer to the worker process associated with |user_traffic|. Can
  // return nullptr.
  SandboxedWorker* GetWorker(bool user_traffic);

 private:
  friend class SystemProxyAdaptorTest;
  FRIEND_TEST(SystemProxyAdaptorTest, SetAuthenticationDetails);
  FRIEND_TEST(SystemProxyAdaptorTest,
              SetAuthenticationDetailsOnlySystemTraffic);
  FRIEND_TEST(SystemProxyAdaptorTest, KerberosEnabled);
  FRIEND_TEST(SystemProxyAdaptorTest, ShutDown);
  FRIEND_TEST(SystemProxyAdaptorTest, ShutDownArc);
  FRIEND_TEST(SystemProxyAdaptorTest, ConnectNamespace);
  FRIEND_TEST(SystemProxyAdaptorTest, ProxyResolutionFilter);
  FRIEND_TEST(SystemProxyAdaptorTest, ProtectionSpaceAuthenticationRequired);
  FRIEND_TEST(SystemProxyAdaptorTest, ProtectionSpaceNoCredentials);
  FRIEND_TEST(SystemProxyAdaptorTest, ClearUserCredentials);
  FRIEND_TEST(SystemProxyAdaptorTest, ClearUserCredentialsRestartService);

  void SetCredentialsTask(SandboxedWorker* worker,
                          const worker::Credentials& credentials);

  void SetKerberosEnabledTask(SandboxedWorker* worker,
                              bool kerberos_enabled,
                              const std::string& principal_name);

  void ShutDownTask();

  void ConnectNamespaceTask(SandboxedWorker* worker, bool user_traffic);

  // Terminates the worker process for traffic indicated by |user_traffic| and
  // frees the SandboxedWorker associated with it.
  bool ResetWorker(bool user_traffic);

  void SetWorker(bool user_traffic, std::unique_ptr<SandboxedWorker> worker);

  // Return true if |traffic_origin| represents the traffic originating from
  // system services or if it includes all traffic.
  bool IncludesSystemTraffic(TrafficOrigin traffic_origin);
  // Return true if |traffic_origin| represents the traffic originating from ARC
  // or if it includes all traffic.
  bool IncludesUserTraffic(TrafficOrigin traffic_origin);

  // Checks if a worker process exists and if not creates one and sends a
  // request to patchpanel to setup the network namespace for it. Returns true
  // if the worker exists or was created successfully, false otherwise.
  SandboxedWorker* CreateWorkerIfNeeded(bool user_traffic);

  // If setting the authentication details to |worker| fails, it  updates
  // |error_message| with an appropriate error message.
  void SetAuthenticationDetails(SetAuthenticationDetailsRequest auth_details,
                                bool user_traffic,
                                std::string* error_message);

  // Sends a request to the worker process associated with |user_traffic| to
  // clear the cached user credentials. If sending the request fails, the worker
  // will be restarted.
  void ClearUserCredentials(bool user_traffic, std::string* error_message);

  // Called when the patchpanel D-Bus service becomes available.
  void OnPatchpanelServiceAvailable(bool user_traffic, bool is_available);

  // The callback of |GetChromeProxyServersAsync|.
  void OnGetProxyServers(bool success, const std::vector<std::string>& servers);

  // The number of tries left for setting up the network namespace of the
  // System-proxy worker for system traffic. TODO(acostinas, b/160736881) Remove
  // when patchpaneld creates the veth pair directly across the host and worker
  // network namespaces.
  int netns_reconnect_attempts_available_;

  // Worker that authenticates and forwards to a remote web proxy traffic
  // coming form Chrome OS system services.
  std::unique_ptr<SandboxedWorker> system_services_worker_;
  // Worker that authenticates and forwards to a remote web proxy traffic
  // coming form ARC++ apps.
  std::unique_ptr<SandboxedWorker> arc_worker_;
  std::unique_ptr<KerberosClient> kerberos_client_;

  std::unique_ptr<brillo::dbus_utils::DBusObject> dbus_object_;
  base::WeakPtrFactory<SystemProxyAdaptor> weak_ptr_factory_;
};

}  // namespace system_proxy
#endif  // SYSTEM_PROXY_SYSTEM_PROXY_ADAPTOR_H_