Third Party authentication protocol.

remoting/protocol/third_party_authenticator_base.cc

Index: remoting/protocol/third_party_authenticator_base.cc
diff --git a/remoting/protocol/third_party_authenticator_base.cc b/remoting/protocol/third_party_authenticator_base.cc
new file mode 100644
index 0000000000000000000000000000000000000000..0ff4b57b42cda5475713512faccdf9800222eacb
--- /dev/null
+++ b/remoting/protocol/third_party_authenticator_base.cc
@@ -0,0 +1,91 @@
+// Copyright 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "remoting/protocol/third_party_authenticator_base.h"
+
+#include "base/base64.h"
+#include "base/bind.h"
+#include "base/callback.h"
+#include "base/logging.h"
+#include "remoting/base/constants.h"
+#include "remoting/base/rsa_key_pair.h"
+#include "remoting/protocol/channel_authenticator.h"
+#include "remoting/protocol/v2_authenticator.h"
+#include "third_party/libjingle/source/talk/xmllite/xmlelement.h"
+
+namespace remoting {
+namespace protocol {
+
+// static
+const buzz::StaticQName ThirdPartyAuthenticatorBase::kTokenUrlTag = {

[Sergey Ulanov, 2013/03/07 21:20:41]

nit: it's more readable if you move { to the next line.

[rmsousa, 2013/03/20 01:30:16]

Done.

+    remoting::kChromotingXmlNamespace, "third-party-token-url" };
+const buzz::StaticQName ThirdPartyAuthenticatorBase::kTokenScopeTag = {
+    remoting::kChromotingXmlNamespace, "third-party-token-scope" };
+const buzz::StaticQName ThirdPartyAuthenticatorBase::kTokenTag = {
+    remoting::kChromotingXmlNamespace, "third-party-token" };
+
+ThirdPartyAuthenticatorBase::ThirdPartyAuthenticatorBase(
+    Authenticator::State initial_state)
+    : state_(initial_state),
+      rejection_reason_(INVALID_CREDENTIALS) {
+}
+
+ThirdPartyAuthenticatorBase::~ThirdPartyAuthenticatorBase() {
+}
+
+Authenticator::State ThirdPartyAuthenticatorBase::state() const {
+  if (state_ == ACCEPTED) {
+    return underlying_->state();
+  }
+  return state_;
+}
+
+Authenticator::RejectionReason ThirdPartyAuthenticatorBase::rejection_reason()
+    const {

[Sergey Ulanov, 2013/03/07 21:20:41]

nit: const must be next to closing bracket. Better to wrap function name:
  Authenticator::RejectionReason
  ThirdPartyAuthenticatorBase::rejection_reason() const {

[rmsousa, 2013/03/20 01:30:16]

Done.

+  DCHECK_EQ(state(), REJECTED);
+
+  if (state_ == REJECTED) {
+    return rejection_reason_;
+  } else {
+    return underlying_->rejection_reason();

[Sergey Ulanov, 2013/03/07 21:20:41]

Are we sure underlying_ exists here? Shouldn't this method be similar to state()
(i.e. underlying is called only when state_ == ACCEPTED).

[rmsousa, 2013/03/20 01:30:16]

This can only be called when state() is REJECTED. This is only possible if
either state_ is REJECTED, or underlying_->state() is REJECTED (in which case it
necessarily exists).

+  }
+}
+
+void ThirdPartyAuthenticatorBase::ProcessMessage(
+    const buzz::XmlElement* message,
+    const base::Closure& resume_callback) {
+  DCHECK_EQ(state(), WAITING_MESSAGE);
+
+  if (state_ == WAITING_MESSAGE) {
+    ProcessMessageInternal(message, resume_callback);
+  } else {
+    DCHECK(state_ == ACCEPTED);
+    DCHECK(underlying_);
+    DCHECK(underlying_->state() == WAITING_MESSAGE);
+    underlying_->ProcessMessage(message, resume_callback);
+  }
+}
+
+scoped_ptr<buzz::XmlElement> ThirdPartyAuthenticatorBase::GetNextMessage() {
+  DCHECK_EQ(state(), MESSAGE_READY);
+
+  scoped_ptr<buzz::XmlElement> message;
+  if (underlying_ && underlying_->state() == MESSAGE_READY) {
+    message = underlying_->GetNextMessage().Pass();
+  } else {
+    message = CreateEmptyAuthenticatorMessage();
+  }
+  GetNextMessageInternal(message.get());

[Sergey Ulanov, 2013/03/07 21:20:41]

Why do we need to call this for messages that we get from underlying_?

[rmsousa, 2013/03/20 01:30:16]

This adds the token related fields to the message. After the client gets the
token/shared secret, it can immediately create the V2Authenticator. Its message
to the host, thus, contains both the token related fields (in this case the
token), and the spake related fields from the underlying authenticator.

+  return message.Pass();
+}
+
+scoped_ptr<ChannelAuthenticator>
+ThirdPartyAuthenticatorBase::CreateChannelAuthenticator() const {
+  DCHECK_EQ(state(), ACCEPTED);
+
+  return underlying_->CreateChannelAuthenticator();
+}
+
+}  // namespace protocol
+}  // namespace remoting