OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "remoting/protocol/pairing_client_authenticator.h" | |
6 | |
7 #include "base/bind.h" | |
8 #include "base/logging.h" | |
9 #include "remoting/base/constants.h" | |
10 #include "remoting/base/rsa_key_pair.h" | |
11 #include "remoting/protocol/authentication_method.h" | |
12 #include "remoting/protocol/channel_authenticator.h" | |
13 #include "remoting/protocol/v2_authenticator.h" | |
14 #include "third_party/libjingle/source/talk/xmllite/xmlelement.h" | |
15 | |
16 namespace remoting { | |
17 namespace protocol { | |
18 | |
19 namespace { | |
20 // These definitions must be kept in sync with pairing_host_authenticator.cc. | |
Sergey Ulanov
2013/05/17 01:57:17
For some authenticators (e.g. third-party) we have
Jamie
2013/05/21 01:24:33
In light of one of your other comments, I've had t
| |
21 const buzz::StaticQName kPairingInfoTag = | |
22 { kChromotingXmlNamespace, "pairing-info" }; | |
23 const buzz::StaticQName kClientIdAttribute = | |
24 { "", "client-id" }; | |
25 const buzz::StaticQName kPairingFailedTag = | |
26 { kChromotingXmlNamespace, "pairing-failed" }; | |
Sergey Ulanov
2013/05/17 01:57:17
I'm not sure why we need pairing-failed message. I
rmsousa
2013/05/17 20:09:03
The failure case needs to use the same method name
| |
27 const buzz::StaticQName kPairingErrorAttribute = | |
28 { "", "error" }; | |
29 } // namespace | |
30 | |
31 PairingClientAuthenticator::PairingClientAuthenticator( | |
32 const std::string& client_id, | |
33 const std::string& paired_secret, | |
34 const FetchSecretCallback& fetch_pin_callback, | |
35 const std::string& authentication_tag) | |
36 : pairing_state_(MESSAGE_READY), | |
37 client_id_(client_id), | |
38 paired_secret_(paired_secret), | |
39 fetch_pin_callback_(fetch_pin_callback), | |
40 authentication_tag_(authentication_tag), | |
41 weak_factory_(this) { | |
42 } | |
43 | |
44 Authenticator::State PairingClientAuthenticator::state() const { | |
45 if (pairing_state_ == ACCEPTED || pairing_state_ == REJECTED) { | |
46 DCHECK(v2_authenticator_); | |
47 return v2_authenticator_->state(); | |
48 } else { | |
49 return pairing_state_; | |
50 } | |
51 } | |
52 | |
53 Authenticator::RejectionReason | |
54 PairingClientAuthenticator::rejection_reason() const { | |
55 DCHECK(v2_authenticator_); | |
56 return v2_authenticator_->rejection_reason(); | |
57 } | |
58 | |
59 void PairingClientAuthenticator::ProcessMessage( | |
60 const buzz::XmlElement* message, | |
61 const base::Closure& resume_callback) { | |
62 DCHECK_EQ(state(), WAITING_MESSAGE); | |
63 | |
64 const buzz::XmlElement* pairing_failed_tag = | |
65 message->FirstNamed(kPairingFailedTag); | |
66 | |
67 if (pairing_failed_tag && pairing_state_ != REJECTED) { | |
68 // If pairing failed, and we haven't already done so, prompt the | |
69 // user for the PIN and try again. | |
70 std::string error = pairing_failed_tag->Attr(kPairingErrorAttribute); | |
71 LOG(INFO) << "Pairing failed: " << error; | |
72 pairing_state_ = PROCESSING_MESSAGE; | |
73 SecretFetchedCallback callback = base::Bind( | |
74 &PairingClientAuthenticator::CreateV2AuthenticatorWithPIN, | |
75 weak_factory_.GetWeakPtr(), base::Owned(new buzz::XmlElement(*message)), | |
76 resume_callback); | |
77 fetch_pin_callback_.Run(callback); | |
78 return; | |
79 | |
80 } else { | |
81 // If it's not a pairing error message, create the V2 authenticator | |
82 // backed by the paired secret if it doesn't already exist, and let | |
83 // it process the message. | |
84 if (!v2_authenticator_) { | |
85 pairing_state_ = ACCEPTED; | |
86 v2_authenticator_ = V2Authenticator::CreateForClient( | |
87 paired_secret_, WAITING_MESSAGE); | |
88 } | |
89 v2_authenticator_->ProcessMessage(message, resume_callback); | |
90 } | |
91 } | |
92 | |
93 scoped_ptr<buzz::XmlElement> PairingClientAuthenticator::GetNextMessage() { | |
94 DCHECK_EQ(state(), MESSAGE_READY); | |
95 | |
96 // If the initial message has not yet been sent, return it now. | |
97 if (pairing_state_ == MESSAGE_READY) { | |
98 scoped_ptr<buzz::XmlElement> result = CreateEmptyAuthenticatorMessage(); | |
99 buzz::XmlElement* pairing_tag = new buzz::XmlElement(kPairingInfoTag); | |
100 pairing_tag->AddAttr(kClientIdAttribute, client_id_); | |
101 result->AddElement(pairing_tag); | |
102 pairing_state_ = WAITING_MESSAGE; | |
103 return result.Pass(); | |
Sergey Ulanov
2013/05/17 01:57:17
Can we also include include first message from v2_
Jamie
2013/05/21 01:24:33
Great idea, thanks. Unfortunately, it meant a sign
| |
104 } | |
105 | |
106 // In all other cases, defer to the underlying authenticator. | |
107 DCHECK(v2_authenticator_); | |
Sergey Ulanov
2013/05/17 01:57:17
nit: don't need this. scoped_ptr<> DCHECKs in oper
Jamie
2013/05/21 01:24:33
Removed, here and elsewhere.
| |
108 return v2_authenticator_->GetNextMessage(); | |
109 } | |
110 | |
111 scoped_ptr<ChannelAuthenticator> | |
112 PairingClientAuthenticator::CreateChannelAuthenticator() const { | |
113 return v2_authenticator_->CreateChannelAuthenticator(); | |
114 } | |
115 | |
116 void PairingClientAuthenticator::CreateV2AuthenticatorWithPIN( | |
117 const buzz::XmlElement* message, | |
118 const base::Closure& resume_callback, | |
119 const std::string& pin) { | |
120 pairing_state_ = REJECTED; | |
121 v2_authenticator_ = V2Authenticator::CreateForClient( | |
122 AuthenticationMethod::ApplyHashFunction( | |
123 AuthenticationMethod::HMAC_SHA256, | |
124 authentication_tag_, pin), | |
125 WAITING_MESSAGE); | |
126 ProcessMessage(message, resume_callback); | |
127 } | |
128 | |
129 } // namespace protocol | |
130 } // namespace remoting | |
OLD | NEW |