[Chromoting] Make the Windows host controller ask the user to confirm host registration.

remoting/host/verify_config_window_win.cc

+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "remoting/host/verify_config_window_win.h"
+
+#include <windows.h>
+
+#include "base/base64.h"
+#include "base/compiler_specific.h"
+#include "base/logging.h"
+#include "base/utf_string_conversions.h"
+#include "remoting/host/elevated_controller_resource.h"
+#include "remoting/protocol/authentication_method.h"
+// TODO(garykac): Lots of duplicated code in this file and
+// disconnect_window_win.cc. These global floating windows are temporary so
+// they should be deleted soon. If we need to expand this then we should
+// create a class with the shared code.
+
+// HINSTANCE from WinMain. This is needed to find our dialog resource.
+// This is defined in elevated_controller_module_win.cc
+extern HINSTANCE g_hInstance;
+
+namespace remoting {
+
+  VerifyConfigWindowWin::VerifyConfigWindowWin(const std::string& email,

[alexeypa (please no reviews), 2012/04/12 21:20:41]

Broken indentation

[simonmorris, 2012/04/12 22:11:44]

Done.

+      const std::string& host_id, const std::string& host_secret_hash)
+    : hwnd_(NULL),
+      email_(email),
+      host_id_(host_id),
+      host_secret_hash_(host_secret_hash) {
+}
+
+VerifyConfigWindowWin::~VerifyConfigWindowWin() {
+  EndDialog();
+}
+
+int VerifyConfigWindowWin::Run() {
+  return DialogBoxParam(g_hInstance, MAKEINTRESOURCE(IDD_VERIFY_CONFIG_DIALOG),
+      NULL, (DLGPROC)DialogProc, (LPARAM)this);
+}
+
+BOOL CALLBACK VerifyConfigWindowWin::DialogProc(HWND hwnd, UINT msg,
+                                                WPARAM wParam, LPARAM lParam) {
+  VerifyConfigWindowWin* win = NULL;
+  if (msg == WM_INITDIALOG) {

[alexeypa (please no reviews), 2012/04/12 21:20:41]

Using dialog classes from ATL should help you to get rid of this.

[simonmorris, 2012/04/12 22:11:44]

I've added a TODO to the header file. Given the time constraints, I don't think
there's a need to rewrite this code now. Also, it's consistent with
continue_window_win and disconnect_window_win.

+    win = reinterpret_cast<VerifyConfigWindowWin*>(lParam);
+    CHECK(win);
+    SetWindowLongPtr(hwnd, DWLP_USER, (LONG_PTR)win);
+  } else {
+    LONG_PTR lp = GetWindowLongPtr(hwnd, DWLP_USER);
+    win = reinterpret_cast<VerifyConfigWindowWin*>(lp);
+  }
+  if (win == NULL)
+    return FALSE;
+  return win->OnDialogMessage(hwnd, msg, wParam, lParam);
+}
+
+BOOL VerifyConfigWindowWin::OnDialogMessage(HWND hwnd, UINT msg,
+                                            WPARAM wParam, LPARAM lParam) {
+  switch (msg) {
+    case WM_INITDIALOG:

[alexeypa (please no reviews), 2012/04/12 21:20:41]

It can be much more readable ATL message handles map.

[simonmorris, 2012/04/12 22:11:44]

Added a TODO.

+      hwnd_ = hwnd;
+      InitDialog();
+      return TRUE;
+    case WM_DESTROY:
+      ::EndDialog(hwnd, 0);
+    case WM_COMMAND:
+      switch (LOWORD(wParam)) {
+        case IDOK:
+          ::EndDialog(hwnd, VerifyHostSecretHash());
+          hwnd_ = NULL;
+          return TRUE;
+        case IDCANCEL:
+          ::EndDialog(hwnd, 0);
+          hwnd_ = NULL;
+          return TRUE;
+      }
+  }
+  return FALSE;
+}
+
+void VerifyConfigWindowWin::InitDialog() {
+  // TODO(simonmorris): Get these strings from the host, for l10n.
+  SetWindowText(hwnd_, L"Chrome Remote Desktop");

[alexeypa (please no reviews), 2012/04/12 21:20:41]

Why are we doing this? Shouldn't this come from the resources?  If the goal is
to make it i18n-able that it is not going to work. Translated strings are
longer, and they will not fit a fixed-size dialog. MUI should really be used to
do i18n.

[simonmorris, 2012/04/12 22:11:44]

The string code here is only intended to be good enough for now.
Existing code (continue_window_win and disconnect_window_win) takes l10n strings
from the host, so that's the approach I suggest as a follow-up.

+
+  HWND hwndOk = GetDlgItem(hwnd_, IDOK);
+  CHECK(hwndOk);
+  SetWindowText(hwndOk, L"OK");
+
+  HWND hwndCancel = GetDlgItem(hwnd_, IDCANCEL);
+  CHECK(hwndCancel);
+  SetWindowText(hwndCancel, L"Cancel");
+
+  HWND hwndMessage = GetDlgItem(hwnd_, IDC_MESSAGE);
+  CHECK(hwndMessage);
+  SetWindowText(hwndMessage, L"To confirm that your Chrome Remote Desktop "
+      L"should be accessible by this account, please enter your PIN below.");
+
+  HWND hwndEmail = GetDlgItem(hwnd_, IDC_EMAIL);
+  CHECK(hwndEmail);
+  SetWindowText(hwndEmail, UTF8ToUTF16(email_).c_str());
+
+  HWND hwndPin = GetDlgItem(hwnd_, IDC_PIN);
+  CHECK(hwndPin);
+  SetFocus(hwndPin);
+}
+
+void VerifyConfigWindowWin::EndDialog() {
+  if (hwnd_) {
+    ::EndDialog(hwnd_, 0);
+    hwnd_ = NULL;
+  }
+}
+
+bool VerifyConfigWindowWin::VerifyHostSecretHash() {
+  const int kMaxPinLength = 256;
+  scoped_array<WCHAR> pinWSTR(new WCHAR[kMaxPinLength]);

[alexeypa (please no reviews), 2012/04/12 21:20:41]

ATL has a string class which will be more convenient.

[simonmorris, 2012/04/12 22:11:44]

Added a TODO.

+  HWND hwndPin = GetDlgItem(hwnd_, IDC_PIN);
+  CHECK(hwndPin);
+  GetWindowText(hwndPin, pinWSTR.get(), kMaxPinLength);
+
+  // TODO(simonmorris): This code was copied from host_script_object.cc.
+  // Refactor.
+  std::string pin(UTF16ToUTF8(pinWSTR.get()));
+  std::string hash = protocol::AuthenticationMethod::ApplyHashFunction(
+      protocol::AuthenticationMethod::HMAC_SHA256, host_id_, pin);
+  std::string hash_base64;
+  bool base64_result = base::Base64Encode(hash, &hash_base64);
+  if (!base64_result) {
+    LOG(FATAL) << "Base64Encode failed";
+  }
+  hash_base64 = "hmac:" + hash_base64;
+
+  return (hash_base64 == host_secret_hash_);
+}
+
+}  // namespace remoting