| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "remoting/protocol/third_party_host_authenticator.h" |
| 6 |
| 7 #include "base/base64.h" |
| 8 #include "base/bind.h" |
| 9 #include "base/callback.h" |
| 10 #include "base/logging.h" |
| 11 #include "remoting/base/constants.h" |
| 12 #include "remoting/base/rsa_key_pair.h" |
| 13 #include "remoting/protocol/v2_authenticator.h" |
| 14 #include "third_party/libjingle/source/talk/xmllite/xmlelement.h" |
| 15 |
| 16 namespace remoting { |
| 17 namespace protocol { |
| 18 |
| 19 ThirdPartyHostAuthenticator::ThirdPartyHostAuthenticator( |
| 20 const std::string& local_cert, |
| 21 scoped_refptr<RsaKeyPair> key_pair, |
| 22 scoped_ptr<TokenValidator> token_validator) |
| 23 : ThirdPartyAuthenticatorBase(MESSAGE_READY), |
| 24 local_cert_(local_cert), |
| 25 key_pair_(key_pair), |
| 26 token_validator_(token_validator.Pass()) { |
| 27 } |
| 28 |
| 29 ThirdPartyHostAuthenticator::~ThirdPartyHostAuthenticator() { |
| 30 } |
| 31 |
| 32 void ThirdPartyHostAuthenticator::ProcessTokenMessage( |
| 33 const buzz::XmlElement* message, |
| 34 const base::Closure& resume_callback) { |
| 35 // Host has already sent the URL and expects a token from the client. |
| 36 std::string token = message->TextNamed(kTokenTag); |
| 37 if (token.empty()) { |
| 38 LOG(ERROR) << "Third-party authentication protocol error: missing token."; |
| 39 token_state_ = REJECTED; |
| 40 rejection_reason_ = PROTOCOL_ERROR; |
| 41 resume_callback.Run(); |
| 42 return; |
| 43 } |
| 44 |
| 45 token_state_ = PROCESSING_MESSAGE; |
| 46 |
| 47 // This message also contains the client's first SPAKE message. Copy the |
| 48 // message into the callback, so that OnThirdPartyTokenValidated can give it |
| 49 // to the underlying SPAKE authenticator that will be created. |
| 50 // |token_validator_| is owned, so Unretained() is safe here. |
| 51 token_validator_->ValidateThirdPartyToken(token, base::Bind( |
| 52 &ThirdPartyHostAuthenticator::OnThirdPartyTokenValidated, |
| 53 base::Unretained(this), |
| 54 base::Owned(new buzz::XmlElement(*message)), |
| 55 resume_callback)); |
| 56 } |
| 57 |
| 58 void ThirdPartyHostAuthenticator::AddTokenElements( |
| 59 buzz::XmlElement* message) { |
| 60 DCHECK_EQ(token_state_, MESSAGE_READY); |
| 61 DCHECK(token_validator_->token_url().is_valid()); |
| 62 DCHECK(!token_validator_->token_scope().empty()); |
| 63 |
| 64 buzz::XmlElement* token_url_tag = new buzz::XmlElement( |
| 65 kTokenUrlTag); |
| 66 token_url_tag->SetBodyText(token_validator_->token_url().spec()); |
| 67 message->AddElement(token_url_tag); |
| 68 buzz::XmlElement* token_scope_tag = new buzz::XmlElement( |
| 69 kTokenScopeTag); |
| 70 token_scope_tag->SetBodyText(token_validator_->token_scope()); |
| 71 message->AddElement(token_scope_tag); |
| 72 token_state_ = WAITING_MESSAGE; |
| 73 } |
| 74 |
| 75 void ThirdPartyHostAuthenticator::OnThirdPartyTokenValidated( |
| 76 const buzz::XmlElement* message, |
| 77 const base::Closure& resume_callback, |
| 78 const std::string& shared_secret) { |
| 79 if (shared_secret.empty()) { |
| 80 token_state_ = REJECTED; |
| 81 rejection_reason_ = INVALID_CREDENTIALS; |
| 82 resume_callback.Run(); |
| 83 return; |
| 84 } |
| 85 |
| 86 // The other side already started the SPAKE authentication. |
| 87 token_state_ = ACCEPTED; |
| 88 underlying_ = V2Authenticator::CreateForHost( |
| 89 local_cert_, key_pair_, shared_secret, WAITING_MESSAGE); |
| 90 underlying_->ProcessMessage(message, resume_callback); |
| 91 } |
| 92 |
| 93 } // namespace protocol |
| 94 } // namespace remoting |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12326090:
Third Party authentication protocol. (Closed)
Base URL: http://git.chromium.org/chromium/src.git@host_key_pair