Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(680)

Unified Diff: remoting/protocol/third_party_authenticator_base.h

Issue 12326090: Third Party authentication protocol. (Closed) Base URL: http://git.chromium.org/chromium/src.git@host_key_pair
Patch Set: Reviewer comments Created 7 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: remoting/protocol/third_party_authenticator_base.h
diff --git a/remoting/protocol/third_party_authenticator_base.h b/remoting/protocol/third_party_authenticator_base.h
new file mode 100644
index 0000000000000000000000000000000000000000..0db203d615ff63ffb76e160e71b73d7b8c59da31
--- /dev/null
+++ b/remoting/protocol/third_party_authenticator_base.h
@@ -0,0 +1,78 @@
+// Copyright 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef REMOTING_PROTOCOL_THIRD_PARTY_AUTHENTICATOR_BASE_H_
+#define REMOTING_PROTOCOL_THIRD_PARTY_AUTHENTICATOR_BASE_H_
+
+#include <string>
+
+#include "base/callback.h"
+#include "base/memory/scoped_ptr.h"
+#include "remoting/protocol/authenticator.h"
+#include "third_party/libjingle/source/talk/xmllite/qname.h"
+
+namespace buzz {
+
+class XmlElement;
+
+} // namespace buzz
+
+namespace remoting {
+namespace protocol {
+
+// Implements an authentication method that relies on a third party server for
+// authentication of both client and host.
+// When third party authentication is being used, the client must request both a
+// token and a shared secret from a third-party server (which may require the
+// user to authenticate themselves). The client then sends only the token to the
+// host. The host signs the token, then contacts the third-party server to
+// exchange the token for the shared secret. Once both client and host have the
+// shared secret, they use an underlying |V2Authenticator| (SPAKE2) to negotiate
+// an authentication key, which is used to establish the connection.
+class ThirdPartyAuthenticatorBase : public Authenticator {
+ public:
+ virtual ~ThirdPartyAuthenticatorBase();
+
+ // Authenticator interface.
+ virtual State state() const OVERRIDE;
+ virtual RejectionReason rejection_reason() const OVERRIDE;
+ virtual void ProcessMessage(const buzz::XmlElement* message,
+ const base::Closure& resume_callback) OVERRIDE;
+ virtual scoped_ptr<buzz::XmlElement> GetNextMessage() OVERRIDE;
+ virtual scoped_ptr<ChannelAuthenticator>
+ CreateChannelAuthenticator() const OVERRIDE;
+
+ protected:
+ // XML tag names for third party authentication fields.
+ static const buzz::StaticQName kTokenUrlTag;
+ static const buzz::StaticQName kTokenScopeTag;
+ static const buzz::StaticQName kTokenTag;
+
+ explicit ThirdPartyAuthenticatorBase(State initial_state);
+
+ // Gives the message to the underlying authenticator for processing.
+ void ProcessUnderlyingMessage(
+ const buzz::XmlElement* message,
+ const base::Closure& resume_callback);
+
+ // Processes the token-related elements of the message.
+ virtual void ProcessTokenMessage(
+ const buzz::XmlElement* message,
+ const base::Closure& resume_callback) = 0;
+
+ // Adds the token related XML elements to the message.
+ virtual void AddTokenElements(buzz::XmlElement* message) = 0;
+
+ scoped_ptr<Authenticator> underlying_;
+ State token_state_;
+ RejectionReason rejection_reason_;
+
+ private:
+ DISALLOW_COPY_AND_ASSIGN(ThirdPartyAuthenticatorBase);
+};
+
+} // namespace protocol
+} // namespace remoting
+
+#endif // REMOTING_PROTOCOL_THIRD_PARTY_AUTHENTICATOR_BASE_H_

Powered by Google App Engine
This is Rietveld 408576698