remoting/host/token_validator_base.cc - Issue 1304143010: Plumbing SSLPrivateKey

Side by Side Diff: remoting/host/token_validator_base.cc

Issue 1304143010: Plumbing SSLPrivateKey Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Rebase. Created 5 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
1 // Copyright 2014 The Chromium Authors. All rights reserved.	1 // Copyright 2014 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "remoting/host/token_validator_base.h"	5 #include "remoting/host/token_validator_base.h"

6	6

7 #include "base/base64.h"	7 #include "base/base64.h"

8 #include "base/bind.h"	8 #include "base/bind.h"

9 #include "base/callback.h"	9 #include "base/callback.h"

10 #include "base/json/json_reader.h"	10 #include "base/json/json_reader.h"

11 #include "base/logging.h"	11 #include "base/logging.h"

12 #include "base/memory/weak_ptr.h"	12 #include "base/memory/weak_ptr.h"

13 #include "base/single_thread_task_runner.h"	13 #include "base/single_thread_task_runner.h"

14 #include "base/strings/string_util.h"	14 #include "base/strings/string_util.h"

15 #include "base/values.h"	15 #include "base/values.h"

16 #include "net/base/escape.h"	16 #include "net/base/escape.h"

17 #include "net/base/io_buffer.h"	17 #include "net/base/io_buffer.h"

18 #include "net/base/request_priority.h"	18 #include "net/base/request_priority.h"

19 #include "net/base/upload_bytes_element_reader.h"	19 #include "net/base/upload_bytes_element_reader.h"

20 #include "net/base/upload_data_stream.h"	20 #include "net/base/upload_data_stream.h"

21 #include "net/ssl/client_cert_store.h"	21 #include "net/ssl/client_cert_store.h"

22 #if defined(USE_NSS_CERTS)	22 #if defined(USE_NSS_CERTS)

23 #include "net/ssl/client_cert_store_nss.h"	23 #include "net/ssl/client_cert_store_nss.h"

24 #elif defined(OS_WIN)	24 #elif defined(OS_WIN)

25 #include "net/ssl/client_cert_store_win.h"	25 #include "net/ssl/client_cert_store_win.h"

26 #elif defined(OS_MACOSX)	26 #elif defined(OS_MACOSX)

27 #include "net/ssl/client_cert_store_mac.h"	27 #include "net/ssl/client_cert_store_mac.h"

28 #endif	28 #endif

29 #include "net/ssl/ssl_cert_request_info.h"	29 #include "net/ssl/ssl_cert_request_info.h"

	30 #include "net/ssl/ssl_platform_key.h"

	31 #include "net/ssl/ssl_private_key.h"

30 #include "net/url_request/url_request.h"	32 #include "net/url_request/url_request.h"

31 #include "net/url_request/url_request_context.h"	33 #include "net/url_request/url_request_context.h"

32 #include "net/url_request/url_request_status.h"	34 #include "net/url_request/url_request_status.h"

33 #include "url/gurl.h"	35 #include "url/gurl.h"

34	36

35 namespace {	37 namespace {

36	38

37 const int kBufferSize = 4096;	39 const int kBufferSize = 4096;

38 const char kCertIssuerWildCard[] = "*";	40 const char kCertIssuerWildCard[] = "*";

39	41

(...skipping 99 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
139	141

140 void TokenValidatorBase::OnCertificatesSelected(	142 void TokenValidatorBase::OnCertificatesSelected(

141 net::CertificateList* selected_certs,	143 net::CertificateList* selected_certs,

142 net::ClientCertStore* unused) {	144 net::ClientCertStore* unused) {

143 const std::string& issuer =	145 const std::string& issuer =

144 third_party_auth_config_.token_validation_cert_issuer;	146 third_party_auth_config_.token_validation_cert_issuer;

145 if (request_) {	147 if (request_) {

146 for (size_t i = 0; i < selected_certs->size(); ++i) {	148 for (size_t i = 0; i < selected_certs->size(); ++i) {

147 if (issuer == kCertIssuerWildCard \|\|	149 if (issuer == kCertIssuerWildCard \|\|

148 issuer == (*selected_certs)[i]->issuer().common_name) {	150 issuer == (*selected_certs)[i]->issuer().common_name) {

149 request_->ContinueWithCertificate((*selected_certs)[i].get());	151 scoped_refptr<net::SSLPrivateKey> pkey =

	152 net::FetchClientCertPrivateKey((*selected_certs)[i].get());

	153 request_->ContinueWithCertificate((*selected_certs)[i].get(),

	154 pkey.get());

150 return;	155 return;

151 }	156 }

152 }	157 }

153 request_->ContinueWithCertificate(nullptr);	158 request_->ContinueWithCertificate(nullptr, nullptr);

154 }	159 }

155 }	160 }

156	161

157 bool TokenValidatorBase::IsValidScope(const std::string& token_scope) {	162 bool TokenValidatorBase::IsValidScope(const std::string& token_scope) {

158 // TODO(rmsousa): Deal with reordering/subsets/supersets/aliases/etc.	163 // TODO(rmsousa): Deal with reordering/subsets/supersets/aliases/etc.

159 return token_scope == token_scope_;	164 return token_scope == token_scope_;

160 }	165 }

161	166

162 std::string TokenValidatorBase::ProcessResponse() {	167 std::string TokenValidatorBase::ProcessResponse() {

163 // Verify that we got a successful response.	168 // Verify that we got a successful response.

(...skipping 27 matching lines...) Expand all Loading...
191 return std::string();	196 return std::string();

192 }	197 }

193	198

194 std::string shared_secret;	199 std::string shared_secret;

195 // Everything is valid, so return the shared secret to the caller.	200 // Everything is valid, so return the shared secret to the caller.

196 dict->GetStringWithoutPathExpansion("access_token", &shared_secret);	201 dict->GetStringWithoutPathExpansion("access_token", &shared_secret);

197 return shared_secret;	202 return shared_secret;

198 }	203 }

199	204

200 } // namespace remoting	205 } // namespace remoting

OLD	NEW

« remoting/host/token_validator_base.h ('K') | « remoting/host/token_validator_base.h ('k') | no next file » | no next file with comments »