remoting/host/token_validator_base.cc - Issue 1422573008: Plumbing SSLPrivateKey (//net)

Side by Side Diff: remoting/host/token_validator_base.cc

Issue 1422573008: Plumbing SSLPrivateKey (//net) (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Removing un-needed forward decl. Created 5 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright 2014 The Chromium Authors. All rights reserved.	1 // Copyright 2014 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "remoting/host/token_validator_base.h"	5 #include "remoting/host/token_validator_base.h"

6	6

7 #include "base/base64.h"	7 #include "base/base64.h"

8 #include "base/bind.h"	8 #include "base/bind.h"

9 #include "base/callback.h"	9 #include "base/callback.h"

10 #include "base/json/json_reader.h"	10 #include "base/json/json_reader.h"

11 #include "base/logging.h"	11 #include "base/logging.h"

12 #include "base/memory/weak_ptr.h"	12 #include "base/memory/weak_ptr.h"

13 #include "base/single_thread_task_runner.h"	13 #include "base/single_thread_task_runner.h"

14 #include "base/strings/string_util.h"	14 #include "base/strings/string_util.h"

15 #include "base/values.h"	15 #include "base/values.h"

16 #include "net/base/escape.h"	16 #include "net/base/escape.h"

17 #include "net/base/io_buffer.h"	17 #include "net/base/io_buffer.h"

18 #include "net/base/request_priority.h"	18 #include "net/base/request_priority.h"

19 #include "net/base/upload_bytes_element_reader.h"	19 #include "net/base/upload_bytes_element_reader.h"

20 #include "net/base/upload_data_stream.h"	20 #include "net/base/upload_data_stream.h"

21 #include "net/ssl/client_cert_store.h"	21 #include "net/ssl/client_cert_store.h"

22 #if defined(USE_NSS_CERTS)	22 #if defined(USE_NSS_CERTS)

23 #include "net/ssl/client_cert_store_nss.h"	23 #include "net/ssl/client_cert_store_nss.h"

24 #elif defined(OS_WIN)	24 #elif defined(OS_WIN)

25 #include "net/ssl/client_cert_store_win.h"	25 #include "net/ssl/client_cert_store_win.h"

26 #elif defined(OS_MACOSX)	26 #elif defined(OS_MACOSX)

27 #include "net/ssl/client_cert_store_mac.h"	27 #include "net/ssl/client_cert_store_mac.h"

28 #endif	28 #endif

29 #include "net/ssl/ssl_cert_request_info.h"	29 #include "net/ssl/ssl_cert_request_info.h"

	30 #include "net/ssl/ssl_platform_key.h"

	31 #include "net/ssl/ssl_private_key.h"

30 #include "net/url_request/url_request.h"	32 #include "net/url_request/url_request.h"

31 #include "net/url_request/url_request_context.h"	33 #include "net/url_request/url_request_context.h"

32 #include "net/url_request/url_request_status.h"	34 #include "net/url_request/url_request_status.h"

33 #include "url/gurl.h"	35 #include "url/gurl.h"

34	36

35 namespace {	37 namespace {

36	38

37 const int kBufferSize = 4096;	39 const int kBufferSize = 4096;

38 const char kCertIssuerWildCard[] = "*";	40 const char kCertIssuerWildCard[] = "*";

39	41

(...skipping 105 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
145 base::Owned(client_cert_store)));	147 base::Owned(client_cert_store)));

146 }	148 }

147	149

148 void TokenValidatorBase::OnCertificatesSelected(	150 void TokenValidatorBase::OnCertificatesSelected(

149 net::CertificateList* selected_certs,	151 net::CertificateList* selected_certs,

150 net::ClientCertStore* unused) {	152 net::ClientCertStore* unused) {

151 const std::string& issuer =	153 const std::string& issuer =

152 third_party_auth_config_.token_validation_cert_issuer;	154 third_party_auth_config_.token_validation_cert_issuer;

153 if (request_) {	155 if (request_) {

154 for (size_t i = 0; i < selected_certs->size(); ++i) {	156 for (size_t i = 0; i < selected_certs->size(); ++i) {

	157 net::X509Certificate* cert = (*selected_certs)[i].get();

155 if (issuer == kCertIssuerWildCard \|\|	158 if (issuer == kCertIssuerWildCard \|\|

156 issuer == (*selected_certs)[i]->issuer().common_name) {	159 issuer == cert->issuer().common_name) {

157 request_->ContinueWithCertificate((*selected_certs)[i].get());	160 request_->ContinueWithCertificate(

	161 cert, net::FetchClientCertPrivateKey(cert).get());

158 return;	162 return;

159 }	163 }

160 }	164 }

161 request_->ContinueWithCertificate(nullptr);	165 request_->ContinueWithCertificate(nullptr, nullptr);

162 }	166 }

163 }	167 }

164	168

165 bool TokenValidatorBase::IsValidScope(const std::string& token_scope) {	169 bool TokenValidatorBase::IsValidScope(const std::string& token_scope) {

166 // TODO(rmsousa): Deal with reordering/subsets/supersets/aliases/etc.	170 // TODO(rmsousa): Deal with reordering/subsets/supersets/aliases/etc.

167 return token_scope == token_scope_;	171 return token_scope == token_scope_;

168 }	172 }

169	173

170 std::string TokenValidatorBase::ProcessResponse() {	174 std::string TokenValidatorBase::ProcessResponse() {

171 // Verify that we got a successful response.	175 // Verify that we got a successful response.

(...skipping 27 matching lines...) Expand all Loading...
199 return std::string();	203 return std::string();

200 }	204 }

201	205

202 std::string shared_secret;	206 std::string shared_secret;

203 // Everything is valid, so return the shared secret to the caller.	207 // Everything is valid, so return the shared secret to the caller.

204 dict->GetStringWithoutPathExpansion("access_token", &shared_secret);	208 dict->GetStringWithoutPathExpansion("access_token", &shared_secret);

205 return shared_secret;	209 return shared_secret;

206 }	210 }

207	211

208 } // namespace remoting	212 } // namespace remoting

OLD	NEW

« no previous file with comments | « remoting/host/token_validator_base.h ('k') | no next file » | no next file with comments »