| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "remoting/protocol/negotiating_authenticator.h" | 5 #include "remoting/protocol/negotiating_authenticator.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <sstream> | 8 #include <sstream> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 42 DCHECK(!methods.empty()); | 42 DCHECK(!methods.empty()); |
| 43 for (std::vector<AuthenticationMethod>::const_iterator it = methods.begin(); | 43 for (std::vector<AuthenticationMethod>::const_iterator it = methods.begin(); |
| 44 it != methods.end(); ++it) { | 44 it != methods.end(); ++it) { |
| 45 result->AddMethod(*it); | 45 result->AddMethod(*it); |
| 46 } | 46 } |
| 47 | 47 |
| 48 return scoped_ptr<Authenticator>(result.Pass()); | 48 return scoped_ptr<Authenticator>(result.Pass()); |
| 49 } | 49 } |
| 50 | 50 |
| 51 // static | 51 // static |
| 52 scoped_ptr<Authenticator> NegotiatingAuthenticator::CreateForHost( | 52 scoped_ptr<Authenticator> NegotiatingAuthenticator::CreateForHostSharedSecret( |
| 53 const std::string& local_cert, | 53 const std::string& local_cert, |
| 54 scoped_refptr<RsaKeyPair> key_pair, | 54 scoped_refptr<RsaKeyPair> key_pair, |
| 55 const std::string& shared_secret_hash, | 55 const std::string& shared_secret_hash, |
| 56 AuthenticationMethod::HashFunction hash_function) { | 56 AuthenticationMethod::HashFunction hash_function) { |
| 57 scoped_ptr<NegotiatingAuthenticator> result( | 57 scoped_ptr<NegotiatingAuthenticator> result( |
| 58 new NegotiatingAuthenticator(WAITING_MESSAGE)); | 58 new NegotiatingAuthenticator(WAITING_MESSAGE)); |
| 59 result->local_cert_ = local_cert; | 59 result->local_cert_ = local_cert; |
| 60 result->local_key_pair_ = key_pair; | 60 result->local_key_pair_ = key_pair; |
| 61 result->shared_secret_hash_ = shared_secret_hash; | 61 result->shared_secret_hash_ = shared_secret_hash; |
| 62 result->AddMethod(AuthenticationMethod::Spake2(hash_function)); |
| 62 | 63 |
| 63 result->AddMethod(AuthenticationMethod::Spake2(hash_function)); | 64 return scoped_ptr<Authenticator>(result.Pass()); |
| 65 } |
| 66 |
| 67 // static |
| 68 scoped_ptr<Authenticator> NegotiatingAuthenticator::CreateForHostThirdParty( |
| 69 const std::string& local_cert, |
| 70 scoped_refptr<RsaKeyPair> key_pair, |
| 71 const std::string& local_jid, |
| 72 const std::string& remote_jid, |
| 73 scoped_refptr<ThirdPartyHostAuthenticator::TokenValidatorFactory> |
| 74 token_validator_factory) { |
| 75 scoped_ptr<NegotiatingAuthenticator> result( |
| 76 new NegotiatingAuthenticator(WAITING_MESSAGE)); |
| 77 result->local_jid_ = local_jid; |
| 78 result->remote_jid_ = remote_jid; |
| 79 result->local_cert_ = local_cert; |
| 80 result->local_key_pair_ = key_pair; |
| 81 result->AddMethod(AuthenticationMethod::ThirdParty()); |
| 64 | 82 |
| 65 return scoped_ptr<Authenticator>(result.Pass()); | 83 return scoped_ptr<Authenticator>(result.Pass()); |
| 66 } | 84 } |
| 67 | 85 |
| 68 NegotiatingAuthenticator::NegotiatingAuthenticator( | 86 NegotiatingAuthenticator::NegotiatingAuthenticator( |
| 69 Authenticator::State initial_state) | 87 Authenticator::State initial_state) |
| 70 : current_method_(AuthenticationMethod::Invalid()), | 88 : current_method_(AuthenticationMethod::Invalid()), |
| 71 state_(initial_state), | 89 state_(initial_state), |
| 72 rejection_reason_(INVALID_CREDENTIALS), | 90 rejection_reason_(INVALID_CREDENTIALS), |
| 73 weak_factory_(ALLOW_THIS_IN_INITIALIZER_LIST(this)) { | 91 weak_factory_(ALLOW_THIS_IN_INITIALIZER_LIST(this)) { |
| (...skipping 140 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 214 return current_authenticator_->CreateChannelAuthenticator(); | 232 return current_authenticator_->CreateChannelAuthenticator(); |
| 215 } | 233 } |
| 216 | 234 |
| 217 bool NegotiatingAuthenticator::is_host_side() const { | 235 bool NegotiatingAuthenticator::is_host_side() const { |
| 218 return local_key_pair_.get() != NULL; | 236 return local_key_pair_.get() != NULL; |
| 219 } | 237 } |
| 220 | 238 |
| 221 void NegotiatingAuthenticator::CreateAuthenticator( | 239 void NegotiatingAuthenticator::CreateAuthenticator( |
| 222 Authenticator::State preferred_initial_state, | 240 Authenticator::State preferred_initial_state, |
| 223 const base::Closure& resume_callback) { | 241 const base::Closure& resume_callback) { |
| 242 DCHECK(current_method_.is_valid()); |
| 224 if (is_host_side()) { | 243 if (is_host_side()) { |
| 225 current_authenticator_ = V2Authenticator::CreateForHost( | 244 if (current_method_.type() == AuthenticationMethod::THIRD_PARTY) { |
| 226 local_cert_, local_key_pair_, shared_secret_hash_, | 245 current_authenticator_.reset(new ThirdPartyHostAuthenticator( |
| 227 preferred_initial_state); | 246 local_cert_, local_key_pair_, |
| 247 token_validator_factory_->CreateTokenValidator( |
| 248 local_jid_, remote_jid_))); |
| 249 } else { |
| 250 DCHECK_EQ(current_method_.type(), AuthenticationMethod::SPAKE2); |
| 251 current_authenticator_ = V2Authenticator::CreateForHost( |
| 252 local_cert_, local_key_pair_, shared_secret_hash_, |
| 253 preferred_initial_state); |
| 254 } |
| 228 resume_callback.Run(); | 255 resume_callback.Run(); |
| 229 } else { | 256 } else { |
| 230 fetch_secret_callback_.Run(base::Bind( | 257 fetch_secret_callback_.Run(base::Bind( |
| 231 &NegotiatingAuthenticator::CreateV2AuthenticatorWithSecret, | 258 &NegotiatingAuthenticator::CreateV2AuthenticatorWithSecret, |
| 232 weak_factory_.GetWeakPtr(), preferred_initial_state, resume_callback)); | 259 weak_factory_.GetWeakPtr(), preferred_initial_state, resume_callback)); |
| 233 } | 260 } |
| 234 } | 261 } |
| 235 | 262 |
| 236 void NegotiatingAuthenticator::ProcessMessageInternal( | 263 void NegotiatingAuthenticator::ProcessMessageInternal( |
| 237 const buzz::XmlElement* message, | 264 const buzz::XmlElement* message, |
| (...skipping 14 matching lines...) Expand all Loading... |
| 252 const std::string& shared_secret) { | 279 const std::string& shared_secret) { |
| 253 current_authenticator_ = V2Authenticator::CreateForClient( | 280 current_authenticator_ = V2Authenticator::CreateForClient( |
| 254 AuthenticationMethod::ApplyHashFunction( | 281 AuthenticationMethod::ApplyHashFunction( |
| 255 current_method_.hash_function(), authentication_tag_, shared_secret), | 282 current_method_.hash_function(), authentication_tag_, shared_secret), |
| 256 initial_state); | 283 initial_state); |
| 257 resume_callback.Run(); | 284 resume_callback.Run(); |
| 258 } | 285 } |
| 259 | 286 |
| 260 } // namespace protocol | 287 } // namespace protocol |
| 261 } // namespace remoting | 288 } // namespace remoting |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12313085:
Host-side third party token validation (Closed)
Base URL: http://git.chromium.org/chromium/src.git@third_party_auth_protocol