Host-side third party token validation

remoting/host/remoting_me2me_host.cc

Index: remoting/host/remoting_me2me_host.cc
diff --git a/remoting/host/remoting_me2me_host.cc b/remoting/host/remoting_me2me_host.cc
index 033d9d82b9c2ae28ecfb7168bbba35e579d730ff..7501e50f657f1b0ae31227e5c539240641e79543 100644
--- a/remoting/host/remoting_me2me_host.cc
+++ b/remoting/host/remoting_me2me_host.cc
@@ -54,6 +54,7 @@
 #include "remoting/host/host_config.h"
 #include "remoting/host/host_event_logger.h"
 #include "remoting/host/host_exit_codes.h"
+#include "remoting/host/host_token_validator_factory.h"
 #include "remoting/host/host_user_interface.h"
 #include "remoting/host/ipc_constants.h"
 #include "remoting/host/ipc_desktop_environment.h"
@@ -69,6 +70,7 @@
 #include "remoting/host/ui_strings.h"
 #include "remoting/host/usage_stats_consent.h"
 #include "remoting/jingle_glue/xmpp_signal_strategy.h"
+#include "remoting/protocol/key_pair.h"
 #include "remoting/protocol/me2me_host_authenticator_factory.h"
 
 #if defined(OS_POSIX)
@@ -241,6 +243,8 @@ class HostProcess
   bool OnNatPolicyUpdate(bool nat_traversal_enabled);
   bool OnCurtainPolicyUpdate(bool curtain_required);
   bool OnHostTalkGadgetPrefixPolicyUpdate(const std::string& talkgadget_prefix);
+  bool OnHostTokenUrlPolicyUpdate(const std::string& token_issue_url,
+                                  const std::string& token_verification_url);
 
   void StartHost();
 
@@ -304,9 +308,12 @@ class HostProcess
   scoped_ptr<CurtainMode> curtain_;
   scoped_ptr<CurtainingHostObserver> curtaining_host_observer_;
   bool curtain_required_;
+  std::string token_issue_url_;
+  std::string token_verification_url_;
 
   scoped_ptr<DesktopResizer> desktop_resizer_;
   scoped_ptr<ResizingHostObserver> resizing_host_observer_;
+  scoped_ptr<HostTokenValidatorFactory> host_token_validator_factory_;
   scoped_ptr<XmppSignalStrategy> signal_strategy_;
   scoped_ptr<SignalingConnector> signaling_connector_;
   scoped_ptr<HeartbeatSender> heartbeat_sender_;
@@ -352,6 +359,9 @@ HostProcess::HostProcess(scoped_ptr<ChromotingHostContext> context,
       base::Bind(&HostProcess::OnCurtainModeFailed,
                  base::Unretained(this)));
 
+  host_token_validator_factory_.reset(

[Wez, 2013/03/06 01:01:08]

nit: Comment e.g. "Create factory for third-party token authentication."

[rmsousa, 2013/03/25 22:45:58]

Done.

+      new HostTokenValidatorFactory(context_->url_request_context_getter()));
+
   StartOnUiThread();
 }
 
@@ -524,7 +534,8 @@ void HostProcess::CreateAuthenticatorFactory() {
   scoped_ptr<protocol::AuthenticatorFactory> factory(
       new protocol::Me2MeHostAuthenticatorFactory(
           local_certificate, key_pair_.Copy(), host_secret_hash_,
-          "", "", NULL));
+          token_issue_url_, token_verification_url_,
+          host_token_validator_factory_.get()));

[Wez, 2013/03/06 01:01:08]

Remind me, will this become Pass()?

[rmsousa, 2013/03/25 22:45:58]

"It's complicated". Basically, NegotiatingAuthenticator needs to have a
reference to the factory (because it may need to create more than authenticator,
and each authenticator owns its own validator). Me2MeAuthenticatorFactory
doesn't own the NegotiatingAuthenticator, and is not guaranteed to outlive it
(it may be that it currently does, but it's not explicitly designed to), so
Me2MeAuthenticatorFactory can't own the TokenValidatorFactory and give
NegotiatingAuthenticator a reference, otherwise that reference may be pulled
from the NegotiatingAuthenticator's feet.
So the options are: Make the TokenValidatorFactory a global, stateless object,
and have all the policy/config parameters be passed as parameters to its
CreateValidator() method, or have the TokenValidatorFactory be stateful and
refcounted. We don't seem to like refcounting random objects in our code unless
we need to, so I went with the global/stateless approach (the refcounted
approach is still in this CL's history, see PatchSet #3 if you're curious).

 #if defined(OS_POSIX)
   // On Linux and Mac, perform a PAM authorization step after authentication.
   factory.reset(new PamAuthorizationFactory(factory.Pass()));
@@ -767,7 +778,18 @@ void HostProcess::OnPolicyUpdate(scoped_ptr<base::DictionaryValue> policies) {
           &bool_value)) {
     restart_required |= OnCurtainPolicyUpdate(bool_value);
   }
+  std::string token_issue_url, token_verification_url;
+  if (policies->GetString(
+          policy_hack::PolicyWatcher::kHostTokenIssueUrlPolicyName,
+          &token_issue_url) &&
+      policies->GetString(
+          policy_hack::PolicyWatcher::kHostTokenVerificationUrlPolicyName,
+          &token_verification_url)) {
+    restart_required |= OnHostTokenUrlPolicyUpdate(token_issue_url,
+                                                   token_verification_url);
+  }
 
+  // TODO(rmsousa): Read token URL policies.

[Wez, 2013/03/06 01:01:08]

Remove this TODO

[rmsousa, 2013/03/25 22:45:58]

Done.

   if (state_ == HOST_INITIALIZING) {
     StartHost();
   } else if (state_ == HOST_STARTED && restart_required) {
@@ -880,6 +902,30 @@ bool HostProcess::OnHostTalkGadgetPrefixPolicyUpdate(
   return false;
 }
 
+bool HostProcess::OnHostTokenUrlPolicyUpdate(
+    const std::string& token_issue_url,
+    const std::string& token_verification_url) {
+  // Returns true if the host has to be restarted after this policy update.
+  DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
+
+  if (token_issue_url != token_issue_url_ ||
+      token_verification_url != token_verification_url_) {
+    LOG(INFO) << "Policy sets token urls: " << token_issue_url << ", " <<
+        token_verification_url;
+    if ((token_issue_url.empty() || token_verification_url.empty()) &&
+        token_issue_url != token_verification_url) {

[Wez, 2013/03/06 01:01:08]

I think it's clearer to structure this with a check for either being empty, and
saying "one or other is empty", with an else that displays the two values.

[rmsousa, 2013/03/25 22:45:58]

Done.

+      LOG(ERROR) <<
+          "Only one token URL set. Token authentication will be disabled. " <<
+          "TokenIssueUrl: " << token_issue_url << ", "
+          "TokenVerificationUrl: " << token_verification_url;
+    }

[Wez, 2013/03/06 01:01:08]

nit: Blank line after this.

[rmsousa, 2013/03/25 22:45:58]

Done.

+    token_issue_url_ = token_issue_url;
+    token_verification_url_ = token_verification_url;

[Wez, 2013/03/06 01:01:08]

nit: Blank line after this

[rmsousa, 2013/03/25 22:45:58]

Done.

+    return true;
+  }
+  return false;
+}
+
 void HostProcess::StartHost() {
   DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
   DCHECK(!host_);