1/*
2 * Copyright (C) 2014 Igalia S.L.
3 * Copyright (C) 2016-2018 Apple Inc. All rights reserved.
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
18 */
19
20#include "config.h"
21#include "UserMediaPermissionRequestManagerProxy.h"
22
23#include "APISecurityOrigin.h"
24#include "APIUIClient.h"
25#include "DeviceIdHashSaltStorage.h"
26#include "Logging.h"
27#include "UserMediaPermissionRequestManager.h"
28#include "UserMediaProcessManager.h"
29#include "WebAutomationSession.h"
30#include "WebPageMessages.h"
31#include "WebPageProxy.h"
32#include "WebProcess.h"
33#include "WebProcessPool.h"
34#include "WebProcessProxy.h"
35#include "WebsiteDataStore.h"
36#include <WebCore/MediaConstraints.h>
37#include <WebCore/MockRealtimeMediaSourceCenter.h>
38#include <WebCore/RealtimeMediaSource.h>
39#include <WebCore/SecurityOriginData.h>
40#include <WebCore/UserMediaRequest.h>
41
42namespace WebKit {
43using namespace WebCore;
44
45#if ENABLE(MEDIA_STREAM)
// Media-state bits that mean a microphone or a camera is capturing right now. captureStateChanged()
// masks the page's reported state with this before comparing or storing it.
static const MediaProducer::MediaStateFlags activeCaptureMask =
    MediaProducer::HasActiveAudioCaptureDevice
    | MediaProducer::HasActiveVideoCaptureDevice;
47
// Returns a process-wide, monotonically increasing identifier; the first value handed out is 1.
// The counter is a plain static with no synchronization.
// NOTE(review): presumably only ever called on the main run loop -- confirm.
static uint64_t generateRequestID()
{
    static uint64_t lastIssuedRequestID = 0;
    return ++lastIssuedRequestID;
}
53#endif
54
55#if ENABLE(MEDIA_STREAM)
// Process-wide registry of every live UserMediaPermissionRequestManagerProxy.
// Entries are raw pointers: the constructor adds |this| and the destructor removes it.
static HashSet<UserMediaPermissionRequestManagerProxy*>& proxies()
{
    using ProxySet = HashSet<UserMediaPermissionRequestManagerProxy*>;
    static NeverDestroyed<ProxySet> liveProxies;
    return liveProxies.get();
}
61
// Invokes |function| once for every proxy currently registered in proxies().
// NOTE(review): |function| presumably must not create or destroy proxies, because that would
// mutate the set while it is being iterated -- confirm against callers.
void UserMediaPermissionRequestManagerProxy::forEach(const WTF::Function<void(UserMediaPermissionRequestManagerProxy&)>& function)
{
    auto& liveProxies = proxies();
    for (auto* liveProxy : liveProxies)
        function(*liveProxy);
}
67#endif
68
// Creates the permission manager for |page|. Both timers are bound to the main run loop, and
// when MEDIA_STREAM is enabled the new instance is added to the process-wide proxies() set.
UserMediaPermissionRequestManagerProxy::UserMediaPermissionRequestManagerProxy(WebPageProxy& page)
    : m_page(page)
    , m_rejectionTimer(RunLoop::main(), this, &UserMediaPermissionRequestManagerProxy::rejectionTimerFired)
    , m_watchdogTimer(RunLoop::main(), this, &UserMediaPermissionRequestManagerProxy::watchdogTimerFired)
#if !RELEASE_LOG_DISABLED
    , m_logger(page.logger())
    , m_logIdentifier(uniqueLogIdentifier())
#endif
{
#if ENABLE(MEDIA_STREAM)
    // Registered as a raw pointer; the destructor has to remove it again.
    proxies().add(this);
#endif
}
82
// Tears the manager down: asks UserMediaProcessManager to revoke sandbox extensions for the
// page's process if needed, removes this instance from proxies(), then invalidates and drops
// every request that is still pending.
UserMediaPermissionRequestManagerProxy::~UserMediaPermissionRequestManagerProxy()
{
#if ENABLE(MEDIA_STREAM)
    UserMediaProcessManager::singleton().revokeSandboxExtensionsIfNeeded(page().process());
    // Unregister the raw pointer so forEach() never visits a destroyed proxy.
    proxies().remove(this);
#endif
    // Several callbacks in this file capture |this| and test request->isPending() or a WeakPtr
    // before using it, so outstanding requests are invalidated here.
    // NOTE(review): presumably invalidate() makes isPending() return false -- confirm.
    invalidatePendingRequests();
}
91
// Invalidates every pending user-media request, then forgets all pending user-media requests
// and all pending device-permission request IDs.
void UserMediaPermissionRequestManagerProxy::invalidatePendingRequests()
{
    for (auto& pendingRequest : m_pendingUserMediaRequests.values())
        pendingRequest->invalidate();

    m_pendingUserMediaRequests.clear();
    // Dropping the IDs makes late permission callbacks in this file bail out, because their
    // m_pendingDeviceRequests.remove(requestID) test then fails.
    m_pendingDeviceRequests.clear();
}
100
// Cancels everything in flight and stops capture on the page: pending requests are invalidated
// first, then the page is asked to stop media capture.
void UserMediaPermissionRequestManagerProxy::stopCapture()
{
    ALWAYS_LOG(LOGIDENTIFIER);
    invalidatePendingRequests();
    m_page.stopMediaCapture();
}
107
// Tells the web page that the set of capture devices changed, but only when the main-frame
// origin has persistent access or at least one request has already been granted.
// NOTE(review): presumably this keeps device plug/unplug events away from pages that were
// never given capture access -- confirm the intent.
void UserMediaPermissionRequestManagerProxy::captureDevicesChanged()
{
#if ENABLE(MEDIA_STREAM)
    ALWAYS_LOG(LOGIDENTIFIER);
    if (!m_page.hasRunningProcess())
        return;
    if (!m_page.mainFrame())
        return;

    auto handler = [this](Optional<bool> originHasPersistentAccess) mutable {
        // Keep this test first. getUserMediaPermissionInfo() passes an empty Optional when this
        // proxy is gone or the check was abandoned, so nothing on |this| may be touched before it.
        if (!originHasPersistentAccess)
            return;
        if (!m_page.hasRunningProcess())
            return;

        const bool nothingGranted = m_grantedRequests.isEmpty();
        if (nothingGranted && !*originHasPersistentAccess)
            return;

        m_page.process().send(Messages::WebPage::CaptureDevicesChanged(), m_page.pageID());
    };

    // The main-frame URL supplies both the requesting origin and the top-level origin.
    auto origin = WebCore::SecurityOrigin::create(m_page.mainFrame()->url());
    getUserMediaPermissionInfo(m_page.mainFrame()->frameID(), origin.get(), WTFMove(origin), WTFMove(handler));
#endif
}
129
// Invalidates and drops all pending requests. Granted and denied request records are not
// touched here.
void UserMediaPermissionRequestManagerProxy::clearCachedState()
{
    ALWAYS_LOG(LOGIDENTIFIER);
    invalidatePendingRequests();
}
135
136#if ENABLE(MEDIA_STREAM)
// Maps a UI-process denial reason onto the numeric value of the matching
// WebCore::UserMediaRequest::MediaAccessDenialReason, which is what goes over IPC.
// A value outside the enumeration asserts in debug builds and is reported as OtherFailure.
static uint64_t toWebCore(UserMediaPermissionRequestProxy::UserMediaAccessDenialReason reason)
{
    using ProxyReason = UserMediaPermissionRequestProxy::UserMediaAccessDenialReason;
    using CoreReason = UserMediaRequest::MediaAccessDenialReason;

    auto encode = [](CoreReason coreReason) {
        return static_cast<uint64_t>(coreReason);
    };

    switch (reason) {
    case ProxyReason::NoConstraints:
        return encode(CoreReason::NoConstraints);
    case ProxyReason::UserMediaDisabled:
        return encode(CoreReason::UserMediaDisabled);
    case ProxyReason::NoCaptureDevices:
        return encode(CoreReason::NoCaptureDevices);
    case ProxyReason::InvalidConstraint:
        return encode(CoreReason::InvalidConstraint);
    case ProxyReason::HardwareError:
        return encode(CoreReason::HardwareError);
    case ProxyReason::PermissionDenied:
        return encode(CoreReason::PermissionDenied);
    case ProxyReason::OtherFailure:
        return encode(CoreReason::OtherFailure);
    }

    ASSERT_NOT_REACHED();
    return encode(CoreReason::OtherFailure);
}
159#endif
160
// Handles a denial of pending request |userMediaID|: removes it from the pending map, records
// it in m_deniedRequests when the reason is PermissionDenied, and notifies the web process.
// Unknown IDs are ignored.
void UserMediaPermissionRequestManagerProxy::userMediaAccessWasDenied(uint64_t userMediaID, UserMediaPermissionRequestProxy::UserMediaAccessDenialReason reason)
{
    if (!m_page.hasRunningProcess())
        return;

    ALWAYS_LOG(LOGIDENTIFIER, userMediaID, ", reason: ", reason);

    auto pendingRequest = m_pendingUserMediaRequests.take(userMediaID);
    if (!pendingRequest)
        return;

    using DenialReason = UserMediaPermissionRequestProxy::UserMediaAccessDenialReason;
    const bool isPermissionDenial = reason == DenialReason::PermissionDenied;
    if (isPermissionDenial) {
        // Remembered under the main frame ID plus both origins; wasRequestDenied() consults
        // this list so an equivalent later request is denied without another prompt.
        m_deniedRequests.append(DeniedRequest {
            pendingRequest->mainFrameID(),
            pendingRequest->userMediaDocumentSecurityOrigin(),
            pendingRequest->topLevelDocumentSecurityOrigin(),
            pendingRequest->requiresAudioCapture(),
            pendingRequest->requiresVideoCapture(),
            pendingRequest->requiresDisplayCapture()
        });
    }

    denyRequest(userMediaID, reason, emptyString());
}
177
// Sends the denial for |userMediaID| to the web process, carrying the WebCore-encoded reason
// and |invalidConstraint| (callers pass an empty string when no constraint name should be sent).
// Callers must have checked that the page has a running process; this is only asserted here.
// Without MEDIA_STREAM nothing is sent.
void UserMediaPermissionRequestManagerProxy::denyRequest(uint64_t userMediaID, UserMediaPermissionRequestProxy::UserMediaAccessDenialReason reason, const String& invalidConstraint)
{
    ASSERT(m_page.hasRunningProcess());

    ALWAYS_LOG(LOGIDENTIFIER, userMediaID, ", reason: ", reason);

#if ENABLE(MEDIA_STREAM)
    m_page.process().send(Messages::WebPage::UserMediaAccessWasDenied(userMediaID, toWebCore(reason), invalidConstraint), m_page.pageID());
#else
    UNUSED_PARAM(reason);
    UNUSED_PARAM(invalidConstraint);
#endif
}
191
// Handles approval of pending request |userMediaID|: removes it from the pending map, fetches
// the device-ID hash salt for the request's origins, then grants access and records the request
// in m_grantedRequests. Unknown IDs are ignored.
// In this function |audioDevice| and |videoDevice| are used only by the assertion and the log
// line; the devices sent to the web process are read from the stored request in grantAccess().
void UserMediaPermissionRequestManagerProxy::userMediaAccessWasGranted(uint64_t userMediaID, CaptureDevice&& audioDevice, CaptureDevice&& videoDevice)
{
    ASSERT(audioDevice || videoDevice);

    if (!m_page.hasRunningProcess())
        return;

#if ENABLE(MEDIA_STREAM)
    auto logSiteIdentifier = LOGIDENTIFIER;
    // NOTE(review): device labels are written with ALWAYS_LOG -- confirm that is acceptable
    // for the log channel's retention and audience.
    ALWAYS_LOG(logSiteIdentifier, userMediaID, ", video: ", videoDevice ? videoDevice.label() : "", ", audio: ", audioDevice ? audioDevice.label() : " ");

    auto request = m_pendingUserMediaRequests.take(userMediaID);
    if (!request)
        return;

    // The origin references stay valid across the call: the request they belong to is moved
    // into the callback below, which keeps it alive.
    auto& userMediaDocumentSecurityOrigin = request->userMediaDocumentSecurityOrigin();
    auto& topLevelDocumentSecurityOrigin = request->topLevelDocumentSecurityOrigin();
    m_page.websiteDataStore().deviceIdHashSaltStorage().deviceIdHashSaltForOrigin(userMediaDocumentSecurityOrigin, topLevelDocumentSecurityOrigin, [this, weakThis = makeWeakPtr(*this), request = request.releaseNonNull(), logSiteIdentifier] (String&& deviceIDHashSalt) mutable {
        // The salt lookup may complete after this proxy is destroyed; weakThis guards |this|.
        if (!weakThis)
            return;
        if (!grantAccess(request))
            return;

        // The salt fetched here is only logged; grantAccess() sends the salt already stored on
        // the request.
        // NOTE(review): the per-origin device-ID hash salt is written with ALWAYS_LOG --
        // confirm it is acceptable for this value to appear in logs.
        ALWAYS_LOG(logSiteIdentifier, deviceIDHashSalt);
        m_grantedRequests.append(WTFMove(request));
        // A filtered device list was handed out earlier; notify the page now that access exists.
        if (m_hasFilteredDeviceList)
            captureDevicesChanged();
        m_hasFilteredDeviceList = false;
    });
#else
    UNUSED_PARAM(userMediaID);
    UNUSED_PARAM(audioDevice);
    UNUSED_PARAM(videoDevice);
#endif
}
227
228#if ENABLE(MEDIA_STREAM)
// Forgets remembered permission decisions. Granted requests are removed only when their main
// frame ID equals |frameID|; pregranted and denied records are cleared unconditionally.
void UserMediaPermissionRequestManagerProxy::resetAccess(uint64_t frameID)
{
    ALWAYS_LOG(LOGIDENTIFIER, frameID);

    auto belongsToFrame = [frameID](const auto& grantedRequest) {
        return grantedRequest->mainFrameID() == frameID;
    };
    m_grantedRequests.removeAllMatching(belongsToFrame);

    m_pregrantedRequests.clear();
    m_deniedRequests.clear();
    m_hasFilteredDeviceList = false;
}
239
// Looks for an earlier camera/microphone grant that covers a new request from the same frame
// with the same requesting and top-level origins (scheme, host and port). Returns nullptr when
// capture is muted on the page or when no grant covers what is needed.
// Coverage accumulates across matching grants in list order: one grant may satisfy video and a
// later one audio, in which case the later grant is the one returned. Display-capture grants
// are never reused.
const UserMediaPermissionRequestProxy* UserMediaPermissionRequestManagerProxy::searchForGrantedRequest(uint64_t frameID, const SecurityOrigin& userMediaDocumentOrigin, const SecurityOrigin& topLevelDocumentOrigin, bool needsAudio, bool needsVideo) const
{
    if (m_page.isMediaStreamCaptureMuted())
        return nullptr;

    bool audioStillNeeded = needsAudio;
    bool videoStillNeeded = needsVideo;
    for (const auto& candidate : m_grantedRequests) {
        if (candidate->requiresDisplayCapture()
            || !candidate->userMediaDocumentSecurityOrigin().isSameSchemeHostPort(userMediaDocumentOrigin)
            || !candidate->topLevelDocumentSecurityOrigin().isSameSchemeHostPort(topLevelDocumentOrigin)
            || candidate->frameID() != frameID)
            continue;

        if (candidate->requiresVideoCapture())
            videoStillNeeded = false;

        if (candidate->requiresAudioCapture())
            audioStillNeeded = false;

        if (!videoStillNeeded && !audioStillNeeded)
            return candidate.ptr();
    }
    return nullptr;
}
270
// Returns true when a remembered denial with the same main frame ID and the same requesting and
// top-level origins (scheme, host and port) covers any capture kind that is needed now.
bool UserMediaPermissionRequestManagerProxy::wasRequestDenied(uint64_t mainFrameID, const SecurityOrigin& userMediaDocumentOrigin, const SecurityOrigin& topLevelDocumentOrigin, bool needsAudio, bool needsVideo, bool needsScreenCapture)
{
    for (const auto& denial : m_deniedRequests) {
        const bool sameContext = denial.userMediaDocumentOrigin->isSameSchemeHostPort(userMediaDocumentOrigin)
            && denial.topLevelDocumentOrigin->isSameSchemeHostPort(topLevelDocumentOrigin)
            && denial.mainFrameID == mainFrameID;
        if (!sameContext)
            continue;

        // One overlapping capture kind is enough to deny the whole request.
        if ((denial.isAudioDenied && needsAudio)
            || (denial.isVideoDenied && needsVideo)
            || (denial.isScreenCaptureDenied && needsScreenCapture))
            return true;
    }
    return false;
}
289
// Grants |request|: asks UserMediaProcessManager whether the media stream may be created and,
// if so, sends the chosen devices and the request's device-ID hash salt to the web process.
// Returns false, after denying the request with OtherFailure, when the process manager refuses.
// m_hasPendingCapture counts grants whose async reply is outstanding; captureStateChanged()
// skips sandbox-extension revocation while it is non-zero.
bool UserMediaPermissionRequestManagerProxy::grantAccess(const UserMediaPermissionRequestProxy& request)
{
    ALWAYS_LOG(LOGIDENTIFIER, request.userMediaID());

    auto& processManager = UserMediaProcessManager::singleton();
    const bool streamAllowed = processManager.willCreateMediaStream(*this, request.hasAudioDevice(), request.hasVideoDevice());
    if (!streamAllowed) {
        denyRequest(request.userMediaID(), UserMediaPermissionRequestProxy::UserMediaAccessDenialReason::OtherFailure, "Unable to extend sandbox.");
        return false;
    }

    ++m_hasPendingCapture;

    // The reply can arrive after this proxy is destroyed, hence the WeakPtr test before |this|
    // is used.
    auto replyHandler = [this, weakThis = makeWeakPtr(this)] {
        if (!weakThis)
            return;
        --m_hasPendingCapture;
    };
    m_page.process().connection()->sendWithAsyncReply(Messages::WebPage::UserMediaAccessWasGranted { request.userMediaID(), request.audioDevice(), request.videoDevice(), request.deviceIdentifierHashSalt() }, WTFMove(replyHandler), m_page.pageID());
    return true;
}
306#endif
307
// Timer callback: denies the oldest queued rejection with PermissionDenied and re-arms the
// timer while more rejections are waiting. Assumes the queue is non-empty when the timer fires.
void UserMediaPermissionRequestManagerProxy::rejectionTimerFired()
{
    const uint64_t oldestRejectedID = m_pendingRejections[0];
    m_pendingRejections.remove(0);

    denyRequest(oldestRejectedID, UserMediaPermissionRequestProxy::UserMediaAccessDenialReason::PermissionDenied, emptyString());

    if (m_pendingRejections.isEmpty())
        return;
    scheduleNextRejection();
}
317
// Arms the rejection timer unless it is already running. The delay is a fixed minimum of 0.25
// seconds plus randomNumber().
// NOTE(review): presumably the delay and jitter keep a page from telling an automatic rejection
// apart from a user decision by reply latency -- confirm the intent.
void UserMediaPermissionRequestManagerProxy::scheduleNextRejection()
{
    if (m_rejectionTimer.isActive())
        return;

    const double minimumDelayBeforeReplying = .25;
    const double delayInSeconds = minimumDelayBeforeReplying + randomNumber();
    m_rejectionTimer.startOneShot(Seconds(delayInSeconds));
}
324
325#if ENABLE(MEDIA_STREAM)
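// Decides how to handle |request| without consulting the client:
//   Deny   - an equivalent request was denied earlier (see wasRequestDenied()).
//   Prompt - display-capture requests, and camera/microphone requests with no reusable grant.
//   Grant  - a previous camera/microphone grant for the same frame and origins covers it.
UserMediaPermissionRequestManagerProxy::RequestAction UserMediaPermissionRequestManagerProxy::getRequestAction(const UserMediaPermissionRequestProxy& request)
{
    bool requestingScreenCapture = request.requestType() == MediaStreamRequest::Type::DisplayMedia;
    bool requestingCamera = !requestingScreenCapture && request.hasVideoDevice();
    bool requestingMicrophone = request.hasAudioDevice();

    ASSERT(!(requestingScreenCapture && !request.hasVideoDevice()));
    ASSERT(!(requestingScreenCapture && requestingMicrophone));

    // Denials are stored under the request's main frame ID (userMediaAccessWasDenied() records
    // request->mainFrameID()) and wasRequestDenied() compares against that field, so the lookup
    // uses the main frame ID as well. Passing the requesting frame's own ID meant a remembered
    // denial could never match a request issued from a subframe.
    if (wasRequestDenied(request.mainFrameID(), request.userMediaDocumentSecurityOrigin(), request.topLevelDocumentSecurityOrigin(), requestingMicrophone, requestingCamera, requestingScreenCapture))
        return RequestAction::Deny;

    // Display capture is never granted from an earlier decision.
    if (requestingScreenCapture)
        return RequestAction::Prompt;

    return searchForGrantedRequest(request.frameID(), request.userMediaDocumentSecurityOrigin(), request.topLevelDocumentSecurityOrigin(), requestingMicrophone, requestingCamera) ? RequestAction::Grant : RequestAction::Prompt;
}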
343#endif
344
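// Entry point for a capture request issued by frame |frameID|. When capture is disabled the
// request is queued for a delayed PermissionDenied reply. Otherwise it is stored as pending and
// the client is asked whether the origin has persistent access; the result is handed to
// processUserMediaPermissionRequest().
//
// The #if ENABLE(MEDIA_STREAM) opened in this function is closed inside
// processUserMediaPermissionRequest() below, so the two definitions must stay adjacent. With
// MEDIA_STREAM disabled only this function is compiled, with a body that marks its parameters
// unused.
void UserMediaPermissionRequestManagerProxy::requestUserMediaPermissionForFrame(uint64_t userMediaID, uint64_t frameID, Ref<SecurityOrigin>&& userMediaDocumentOrigin, Ref<SecurityOrigin>&& topLevelDocumentOrigin, MediaStreamRequest&& userRequest)
{
#if ENABLE(MEDIA_STREAM)
    auto logSiteIdentifier = LOGIDENTIFIER;

    if (!UserMediaProcessManager::singleton().captureEnabled()) {
        ALWAYS_LOG(logSiteIdentifier, "capture disabled");
        // Answered later from the rejection timer rather than immediately.
        m_pendingRejections.append(userMediaID);
        scheduleNextRejection();
        return;
    }

    // mainFrame() is dereferenced when the request is created below. captureDevicesChanged() and
    // the valid-constraints handler in this file test it for null before use, so do the same
    // here instead of trusting that a main frame exists whenever a request arrives.
    if (!m_page.hasRunningProcess() || !m_page.mainFrame())
        return;

    ALWAYS_LOG(logSiteIdentifier, userMediaID);

    // NOTE(review): userMediaID is used directly as the key of the pending-request map; confirm
    // the map's key traits accept every value the sender can supply, and what should happen when
    // an ID that is already pending is submitted again.
    auto request = m_pendingUserMediaRequests.add(userMediaID, UserMediaPermissionRequestProxy::create(*this, userMediaID, m_page.mainFrame()->frameID(), frameID, WTFMove(userMediaDocumentOrigin), WTFMove(topLevelDocumentOrigin), { }, { }, WTFMove(userRequest))).iterator->value.copyRef();

    auto& userMediaOrigin = request->userMediaDocumentSecurityOrigin();
    auto& topLevelOrigin = request->topLevelDocumentSecurityOrigin();
    getUserMediaPermissionInfo(frameID, userMediaOrigin, topLevelOrigin, [this, request = request.releaseNonNull(), logSiteIdentifier](Optional<bool> hasPersistentAccess) mutable {
        // |this| is captured without a WeakPtr; the isPending() test is what keeps the callback
        // from using it after the destructor has invalidated all pending requests.
        // NOTE(review): presumably invalidate() makes isPending() return false -- confirm.
        if (!request->isPending())
            return;

        // An empty Optional means the permission check could not be completed.
        if (!hasPersistentAccess) {
            request->deny(UserMediaPermissionRequestProxy::UserMediaAccessDenialReason::OtherFailure);
            return;
        }

        ALWAYS_LOG(logSiteIdentifier, request->userMediaID(), ", persistent access: ", *hasPersistentAccess);
        processUserMediaPermissionRequest(WTFMove(request), *hasPersistentAccess);
    });
}

// Second stage of a capture request: records persistent access on the request, fetches the
// device-ID hash salt for its origins, then asks RealtimeMediaSourceCenter to validate the
// constraints. The result is routed to processUserMediaPermissionValidRequest() or
// processUserMediaPermissionInvalidRequest().
void UserMediaPermissionRequestManagerProxy::processUserMediaPermissionRequest(Ref<UserMediaPermissionRequestProxy>&& request, bool hasPersistentAccess)
{
    ALWAYS_LOG(LOGIDENTIFIER, request->userMediaID());

    if (hasPersistentAccess)
        request->setHasPersistentAccess();

    auto& userMediaDocumentSecurityOrigin = request->userMediaDocumentSecurityOrigin();
    auto& topLevelDocumentSecurityOrigin = request->topLevelDocumentSecurityOrigin();
    m_page.websiteDataStore().deviceIdHashSaltStorage().deviceIdHashSaltForOrigin(userMediaDocumentSecurityOrigin, topLevelDocumentSecurityOrigin, [this, request = WTFMove(request)] (String&& deviceIDHashSalt) mutable {
        // Every callback below tests isPending() before it touches |this|.
        if (!request->isPending())
            return;

        RealtimeMediaSourceCenter::InvalidConstraintsHandler invalidHandler = [this, request = request.copyRef()](const String& invalidConstraint) {
            if (!request->isPending())
                return;

            if (!m_page.hasRunningProcess())
                return;

            processUserMediaPermissionInvalidRequest(request.get(), invalidConstraint);
        };

        auto validHandler = [this, request = request.copyRef()](Vector<CaptureDevice>&& audioDevices, Vector<CaptureDevice>&& videoDevices, String&& deviceIdentifierHashSalt) mutable {
            if (!request->isPending())
                return;

            if (!m_page.hasRunningProcess() || !m_page.mainFrame())
                return;

            processUserMediaPermissionValidRequest(WTFMove(request), WTFMove(audioDevices), WTFMove(videoDevices), WTFMove(deviceIdentifierHashSalt));
        };

        // Apply the mock-capture-device preference before the constraints are validated.
        syncWithWebCorePrefs();

        RealtimeMediaSourceCenter::singleton().validateRequestConstraints(WTFMove(validHandler), WTFMove(invalidHandler), request->userRequest(), WTFMove(deviceIDHashSalt));
    });
#else
    UNUSED_PARAM(userMediaID);
    UNUSED_PARAM(frameID);
    UNUSED_PARAM(userMediaDocumentOrigin);
    UNUSED_PARAM(topLevelDocumentOrigin);
    UNUSED_PARAM(userRequest);
#endif
}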
425
426#if ENABLE(MEDIA_STREAM)
// Denies |request| with InvalidConstraint. The name of the failing constraint is passed on only
// when the request has persistent access or the same frame and origins were already granted
// camera or microphone access; otherwise an empty string is sent instead.
// NOTE(review): presumably withholding the name keeps a page without access from probing device
// capabilities through constraint failures -- confirm the intent.
void UserMediaPermissionRequestManagerProxy::processUserMediaPermissionInvalidRequest(const UserMediaPermissionRequestProxy& request, const String& invalidConstraint)
{
    ALWAYS_LOG(LOGIDENTIFIER, request.userMediaID());

    const bool mayRevealConstraint = request.hasPersistentAccess()
        || wasGrantedVideoOrAudioAccess(request.frameID(), request.userMediaDocumentSecurityOrigin(), request.topLevelDocumentSecurityOrigin());

    denyRequest(request.userMediaID(), UserMediaPermissionRequestProxy::UserMediaAccessDenialReason::InvalidConstraint, mayRevealConstraint ? invalidConstraint : String { });
}
434
// Final stage of a capture request whose constraints validated. Stores the eligible devices and
// hash salt on the request, then resolves it in this order:
//   1. no eligible device            -> deny (NoConstraints)
//   2. getRequestAction() says Deny  -> deny (PermissionDenied)
//   3. getRequestAction() says Grant -> grant now, or defer until the view becomes visible
//   4. automation session present    -> the session decides
//   5. mock devices without prompt   -> allow
//   6. frame gone or page navigated  -> deny (NoConstraints)
//   7. otherwise                     -> ask the UI client
void UserMediaPermissionRequestManagerProxy::processUserMediaPermissionValidRequest(Ref<UserMediaPermissionRequestProxy>&& request, Vector<CaptureDevice>&& audioDevices, Vector<CaptureDevice>&& videoDevices, String&& deviceIdentifierHashSalt)
{
    ALWAYS_LOG(LOGIDENTIFIER, request->userMediaID(), ", video: ", videoDevices.size(), " audio: ", audioDevices.size());
    if (videoDevices.isEmpty() && audioDevices.isEmpty()) {
        denyRequest(request->userMediaID(), UserMediaPermissionRequestProxy::UserMediaAccessDenialReason::NoConstraints, emptyString());
        return;
    }

    request->setDeviceIdentifierHashSalt(WTFMove(deviceIdentifierHashSalt));
    request->setEligibleVideoDeviceUIDs(WTFMove(videoDevices));
    request->setEligibleAudioDeviceUIDs(WTFMove(audioDevices));

    auto action = getRequestAction(request);
    ALWAYS_LOG(LOGIDENTIFIER, request->userMediaID(), ", action: ", action);

    if (action == RequestAction::Deny) {
        denyRequest(request->userMediaID(), UserMediaPermissionRequestProxy::UserMediaAccessDenialReason::PermissionDenied, emptyString());
        return;
    }

    if (action == RequestAction::Grant) {
        ASSERT(request->requestType() != MediaStreamRequest::Type::DisplayMedia);

        // A reused grant starts capture immediately only while the view is visible; otherwise the
        // request waits in m_pregrantedRequests until viewIsBecomingVisible() allows it.
        // The result of grantAccess() is not checked here.
        if (m_page.isViewVisible())
            grantAccess(request);
        else
            m_pregrantedRequests.append(WTFMove(request));

        return;
    }

    // Under automation the session answers in place of a user prompt.
    if (m_page.isControlledByAutomation()) {
        if (WebAutomationSession* automationSession = m_page.process().processPool().automationSession()) {
            ALWAYS_LOG(LOGIDENTIFIER, request->userMediaID(), ", page controlled by automation");
            if (automationSession->shouldAllowGetUserMediaForPage(m_page))
                request->allow();
            else
                userMediaAccessWasDenied(request->userMediaID(), UserMediaPermissionRequestProxy::UserMediaAccessDenialReason::PermissionDenied);

            return;
        }
    }

    // This preference pair allows the request with no prompt and no client decision.
    // NOTE(review): confirm these preferences cannot be changed by web content.
    if (m_page.preferences().mockCaptureDevicesEnabled() && !m_page.preferences().mockCaptureDevicesPromptEnabled()) {
        ALWAYS_LOG(LOGIDENTIFIER, request->userMediaID(), ", mock devices don't require prompt");
        request->allow();
        return;
    }

    // If page navigated, there is no need to call the page client for authorization.
    auto* webFrame = m_page.process().webFrame(request->frameID());

    // The page's active URL must still match the request's top-level origin (scheme, host and
    // port); otherwise a prompt would be shown for a document that is no longer the active one.
    if (!webFrame || !SecurityOrigin::createFromString(m_page.pageLoadState().activeURL())->isSameSchemeHostPort(request->topLevelDocumentSecurityOrigin())) {
        denyRequest(request->userMediaID(), UserMediaPermissionRequestProxy::UserMediaAccessDenialReason::NoConstraints, emptyString());
        return;
    }

    // FIXME: Remove webFrame, userMediaOrigin and topLevelOrigin from this uiClient API call.
    auto userMediaOrigin = API::SecurityOrigin::create(request->userMediaDocumentSecurityOrigin());
    auto topLevelOrigin = API::SecurityOrigin::create(request->topLevelDocumentSecurityOrigin());
    m_page.uiClient().decidePolicyForUserMediaPermissionRequest(m_page, *webFrame, WTFMove(userMediaOrigin), WTFMove(topLevelOrigin), request);
}
497
// Asks the UI client whether the origin pair has persistent capture permission and reports the
// answer through |handler|. An empty Optional is reported when the frame no longer exists, when
// the page's active URL no longer matches |topLevelDocumentOrigin|, when this proxy was destroyed
// or the request was cancelled before the client answered, or when the client supplied no answer.
void UserMediaPermissionRequestManagerProxy::getUserMediaPermissionInfo(uint64_t frameID, Ref<SecurityOrigin>&& userMediaDocumentOrigin, Ref<SecurityOrigin>&& topLevelDocumentOrigin, CompletionHandler<void(Optional<bool>)>&& handler)
{
    auto* webFrame = m_page.process().webFrame(frameID);
    if (!webFrame || !SecurityOrigin::createFromString(m_page.pageLoadState().activeURL())->isSameSchemeHostPort(topLevelDocumentOrigin.get())) {
        handler({ });
        return;
    }

    // Built before the origins are moved into the check proxy below.
    auto userMediaOrigin = API::SecurityOrigin::create(userMediaDocumentOrigin.get());
    auto topLevelOrigin = API::SecurityOrigin::create(topLevelDocumentOrigin.get());

    // The ID is generated in this process and lets invalidatePendingRequests() cancel the check.
    auto requestID = generateRequestID();
    m_pendingDeviceRequests.add(requestID);

    auto request = UserMediaPermissionCheckProxy::create(frameID, [this, weakThis = makeWeakPtr(*this), requestID, handler = WTFMove(handler)](Optional<bool> allowed) mutable {
        // Order matters: weakThis is tested first so m_pendingDeviceRequests is never touched on
        // a destroyed proxy.
        if (!weakThis || !m_pendingDeviceRequests.remove(requestID) || !allowed) {
            handler({ });
            return;
        }
        handler(*allowed);
    }, WTFMove(userMediaDocumentOrigin), WTFMove(topLevelDocumentOrigin));

    // FIXME: Remove webFrame, userMediaOrigin and topLevelOrigin from this uiClient API call.
    m_page.uiClient().checkUserMediaPermissionForOrigin(m_page, *webFrame, userMediaOrigin.get(), topLevelOrigin.get(), request.get());
}
523
// Returns true when a camera or microphone request was already granted to the same frame with
// the same requesting and top-level origins (scheme, host and port). Display-capture grants do
// not count.
bool UserMediaPermissionRequestManagerProxy::wasGrantedVideoOrAudioAccess(uint64_t frameID, const SecurityOrigin& userMediaDocumentOrigin, const SecurityOrigin& topLevelDocumentOrigin)
{
    for (const auto& candidate : m_grantedRequests) {
        const bool isMatchingGrant = !candidate->requiresDisplayCapture()
            && candidate->userMediaDocumentSecurityOrigin().isSameSchemeHostPort(userMediaDocumentOrigin)
            && candidate->topLevelDocumentSecurityOrigin().isSameSchemeHostPort(topLevelDocumentOrigin)
            && candidate->frameID() == frameID;
        if (!isMatchingGrant)
            continue;

        if (candidate->requiresVideoCapture() || candidate->requiresAudioCapture())
            return true;
    }

    return false;
}
542
// Builds the device list reported to a page for device enumeration. Only enabled cameras and
// microphones are listed.
//  - revealIdsAndLabels == false: at most one camera and one microphone are reported, each with
//    empty id, label and group id.
//  - revealIdsAndLabels == true: every device is reported with its label; the persistent id and
//    group id are replaced by values hashed with |deviceIDHashSalt|, so raw device identifiers
//    are not part of the returned list.
// Also records in m_hasFilteredDeviceList whether the list handed out was the filtered one.
Vector<CaptureDevice> UserMediaPermissionRequestManagerProxy::computeFilteredDeviceList(bool revealIdsAndLabels, const String& deviceIDHashSalt)
{
    static const int defaultMaximumCameraCount = 1;
    static const int defaultMaximumMicrophoneCount = 1;

    using DeviceType = WebCore::CaptureDevice::DeviceType;
    auto& sourceCenter = RealtimeMediaSourceCenter::singleton();

    int cameraCount = 0;
    int microphoneCount = 0;
    Vector<CaptureDevice> filteredDevices;

    auto devices = sourceCenter.getMediaStreamDevices();
    for (const auto& device : devices) {
        if (!device.enabled())
            continue;

        const bool isCamera = device.type() == DeviceType::Camera;
        const bool isMicrophone = device.type() == DeviceType::Microphone;
        if (!isCamera && !isMicrophone)
            continue;

        if (!revealIdsAndLabels) {
            // Cap what an origin without access can learn about the number of devices.
            if (isCamera && ++cameraCount > defaultMaximumCameraCount)
                continue;
            if (isMicrophone && ++microphoneCount > defaultMaximumMicrophoneCount)
                continue;

            filteredDevices.append(CaptureDevice(emptyString(), device.type(), emptyString(), emptyString()));
            continue;
        }

        String label = device.label();
        String hashedId = sourceCenter.hashStringWithSalt(device.persistentId(), deviceIDHashSalt);
        String hashedGroupId = sourceCenter.hashStringWithSalt(device.groupId(), deviceIDHashSalt);
        filteredDevices.append(CaptureDevice(hashedId, device.type(), label, hashedGroupId));
    }

    m_hasFilteredDeviceList = !revealIdsAndLabels;

    ALWAYS_LOG(LOGIDENTIFIER, filteredDevices.size(), " devices revealed");
    return filteredDevices;
}
581#endif
582
// Answers a device-enumeration request from frame |frameID|. The client is first asked whether
// the origin pair has persistent access; then the device-ID hash salt is fetched and the device
// list from computeFilteredDeviceList() is sent to the web process together with the salt and
// the persistent-access flag. Ids and labels are revealed only with persistent access or an
// earlier camera/microphone grant for the same frame and origins.
// No reply is sent when the permission check yields no answer, when the page has no running
// process, or when the request was cancelled in the meantime.
void UserMediaPermissionRequestManagerProxy::enumerateMediaDevicesForFrame(uint64_t userMediaID, uint64_t frameID, Ref<SecurityOrigin>&& userMediaDocumentOrigin, Ref<SecurityOrigin>&& topLevelDocumentOrigin)
{
#if ENABLE(MEDIA_STREAM)
    ALWAYS_LOG(LOGIDENTIFIER, userMediaID);

    auto completionHandler = [this, userMediaID, frameID, userMediaDocumentOrigin = userMediaDocumentOrigin.copyRef(), topLevelDocumentOrigin = topLevelDocumentOrigin.copyRef()](Optional<bool> originHasPersistentAccess) mutable {
        // Keep this test first: getUserMediaPermissionInfo() passes an empty Optional when this
        // proxy has been destroyed, and |this| is captured here without a WeakPtr.
        if (!originHasPersistentAccess)
            return;

        if (!m_page.hasRunningProcess())
            return;

        // Registered so invalidatePendingRequests() can cancel the salt callback below.
        auto requestID = generateRequestID();
        m_pendingDeviceRequests.add(requestID);

        auto& requestOrigin = userMediaDocumentOrigin.get();
        auto& topOrigin = topLevelDocumentOrigin.get();
        m_page.websiteDataStore().deviceIdHashSaltStorage().deviceIdHashSaltForOrigin(requestOrigin, topOrigin, [this, weakThis = makeWeakPtr(*this), requestID, frameID, userMediaID, userMediaDocumentOrigin = WTFMove(userMediaDocumentOrigin), topLevelDocumentOrigin = WTFMove(topLevelDocumentOrigin), originHasPersistentAccess = *originHasPersistentAccess] (String&& deviceIDHashSalt) {
            // weakThis is tested before any member is touched.
            if (!weakThis || !m_pendingDeviceRequests.remove(requestID))
                return;

            if (!m_page.hasRunningProcess())
                return;

            syncWithWebCorePrefs();

            bool revealIdsAndLabels = originHasPersistentAccess || wasGrantedVideoOrAudioAccess(frameID, userMediaDocumentOrigin.get(), topLevelDocumentOrigin.get());

            // The salt itself is part of the reply, whether or not ids and labels are revealed.
            m_page.process().send(Messages::WebPage::DidCompleteMediaDeviceEnumeration { userMediaID, computeFilteredDeviceList(revealIdsAndLabels, deviceIDHashSalt), deviceIDHashSalt, originHasPersistentAccess }, m_page.pageID());
        });
    };

    getUserMediaPermissionInfo(frameID, WTFMove(userMediaDocumentOrigin), WTFMove(topLevelDocumentOrigin), WTFMove(completionHandler));
#else
    UNUSED_PARAM(userMediaID);
    UNUSED_PARAM(frameID);
    UNUSED_PARAM(userMediaDocumentOrigin);
    UNUSED_PARAM(topLevelDocumentOrigin);
#endif
}
623
// Applies the page's mock-capture-devices preference to the UI process. Does nothing when
// MEDIA_STREAM is disabled.
void UserMediaPermissionRequestManagerProxy::syncWithWebCorePrefs() const
{
#if ENABLE(MEDIA_STREAM)
    // Enable/disable the mock capture devices for the UI process as per the WebCore preferences. Note that
    // this is a noop if the preference hasn't changed since the last time this was called.
    MockRealtimeMediaSourceCenter::setMockRealtimeMediaSourceCenterEnabled(m_page.preferences().mockCaptureDevicesEnabled());
#endif
}
633
// Reacts to a change in the page's media state. Sandbox extensions are revoked if needed unless
// a grant is still awaiting its reply, and the watchdog timer is re-armed whenever the
// active-capture bits change: the long-running interval is used while capture is active, the
// inactive interval otherwise. When the watchdog fires, remembered grants are cleared.
// |oldState| is not used.
void UserMediaPermissionRequestManagerProxy::captureStateChanged(MediaProducer::MediaStateFlags oldState, MediaProducer::MediaStateFlags newState)
{
    if (!m_page.hasRunningProcess())
        return;

#if ENABLE(MEDIA_STREAM)
    if (!m_hasPendingCapture)
        UserMediaProcessManager::singleton().revokeSandboxExtensionsIfNeeded(page().process());

    const auto activeCaptureState = newState & activeCaptureMask;
    if (m_captureState == activeCaptureState)
        return;

    ALWAYS_LOG(LOGIDENTIFIER, "state was: ", m_captureState, ", is now: ", activeCaptureState);
    m_captureState = activeCaptureState;

    Seconds interval = (m_captureState & activeCaptureMask)
        ? Seconds::fromHours(m_page.preferences().longRunningMediaCaptureStreamRepromptIntervalInHours())
        : Seconds::fromMinutes(m_page.preferences().inactiveMediaCaptureSteamRepromptIntervalInMinutes());

    // An unchanged interval leaves the current timer as it is.
    if (interval == m_currentWatchdogInterval)
        return;

    ALWAYS_LOG(LOGIDENTIFIER, "watchdog set to ", interval.value());
    m_currentWatchdogInterval = interval;
    m_watchdogTimer.startOneShot(m_currentWatchdogInterval);
#endif
}
663
// Allows every request that was held back because the view was not visible when it qualified
// for a reused grant, then empties the list.
// NOTE(review): the requests are allowed without re-running the origin and navigation checks;
// resetAccess() and the watchdog clear this list, presumably to cover navigation and grant
// expiry -- confirm no other path can leave a stale entry here.
void UserMediaPermissionRequestManagerProxy::viewIsBecomingVisible()
{
    for (auto& request : m_pregrantedRequests)
        request->allow();
    m_pregrantedRequests.clear();
}
670
// Watchdog expiry: forgets all granted and pregranted requests, so searchForGrantedRequest()
// finds nothing to reuse afterwards, and resets the watchdog interval and the filtered-list flag.
// Remembered denials are not cleared here.
void UserMediaPermissionRequestManagerProxy::watchdogTimerFired()
{
    ALWAYS_LOG(LOGIDENTIFIER);
    m_grantedRequests.clear();
    m_pregrantedRequests.clear();
    m_currentWatchdogInterval = 0_s;
    m_hasFilteredDeviceList = false;
}
679
680#if !RELEASE_LOG_DISABLED
// Log channel used by this class's logging macros: the WebRTC channel.
WTFLogChannel& UserMediaPermissionRequestManagerProxy::logChannel() const
{
    return WebKit2LogWebRTC;
}
685
// Returns the owning page's logger.
const Logger& UserMediaPermissionRequestManagerProxy::logger() const
{
    return m_page.logger();
}
690#endif
691
// Returns the display name of a RequestAction for logging: "Deny", "Grant" or "Prompt".
// The static_asserts pin the enumerator values the lookup table depends on. The range check is
// an ASSERT only.
// NOTE(review): presumably ASSERT is compiled out of release builds, in which case an
// out-of-range value would index past the table -- confirm.
String convertEnumerationToString(UserMediaPermissionRequestManagerProxy::RequestAction enumerationValue)
{
    using RequestAction = UserMediaPermissionRequestManagerProxy::RequestAction;

    static_assert(static_cast<size_t>(RequestAction::Deny) == 0, "UserMediaPermissionRequestManagerProxy::RequestAction::Deny is not 0 as expected");
    static_assert(static_cast<size_t>(RequestAction::Grant) == 1, "UserMediaPermissionRequestManagerProxy::RequestAction::Grant is not 1 as expected");
    static_assert(static_cast<size_t>(RequestAction::Prompt) == 2, "UserMediaPermissionRequestManagerProxy::RequestAction::Prompt is not 2 as expected");

    static const NeverDestroyed<String> values[] = {
        MAKE_STATIC_STRING_IMPL("Deny"),
        MAKE_STATIC_STRING_IMPL("Grant"),
        MAKE_STATIC_STRING_IMPL("Prompt"),
    };

    const auto index = static_cast<size_t>(enumerationValue);
    ASSERT(index < WTF_ARRAY_LENGTH(values));
    return values[index];
}
705
706} // namespace WebKit
707