PairingAuthenticator implementation and plumbing.

remoting/protocol/negotiating_client_authenticator.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "remoting/protocol/negotiating_client_authenticator.h"
 
 #include <algorithm>
 #include <sstream>
 
 #include "base/bind.h"
 #include "base/callback.h"
 #include "base/logging.h"
 #include "base/strings/string_split.h"
 #include "remoting/protocol/channel_authenticator.h"
+#include "remoting/protocol/pairing_client_authenticator.h"
 #include "remoting/protocol/v2_authenticator.h"
 #include "third_party/libjingle/source/talk/xmllite/xmlelement.h"
 
 namespace remoting {
 namespace protocol {
 
 NegotiatingClientAuthenticator::NegotiatingClientAuthenticator(
+    const std::string& client_pairing_id,
+    const std::string& shared_secret,
     const std::string& authentication_tag,
     const FetchSecretCallback& fetch_secret_callback,
     scoped_ptr<ThirdPartyClientAuthenticator::TokenFetcher> token_fetcher,
     const std::vector<AuthenticationMethod>& methods)
     : NegotiatingAuthenticatorBase(MESSAGE_READY),
+      client_pairing_id_(client_pairing_id),
+      shared_secret_(shared_secret),
       authentication_tag_(authentication_tag),
       fetch_secret_callback_(fetch_secret_callback),
       token_fetcher_(token_fetcher.Pass()),
       method_set_by_host_(false),
       weak_factory_(this) {
   DCHECK(!methods.empty());
   for (std::vector<AuthenticationMethod>::const_iterator it = methods.begin();
        it != methods.end(); ++it) {
     AddMethod(*it);
   }
@@ skipping 31 matching lines @@
         &NegotiatingAuthenticatorBase::ProcessMessageInternal,
         base::Unretained(this), base::Owned(new buzz::XmlElement(*message)),
         resume_callback);
     CreateAuthenticatorForCurrentMethod(WAITING_MESSAGE, callback);
     return;
   }
   ProcessMessageInternal(message, resume_callback);
 }
 
 scoped_ptr<buzz::XmlElement> NegotiatingClientAuthenticator::GetNextMessage() {
   DCHECK_EQ(state(), MESSAGE_READY);

[Wez, 2013/05/18 20:08:36]

nit: Blank line between check and comment, plz

[Jamie, 2013/05/21 01:24:34]

Done.

   // This is the first message to the host, send a list of supported methods.
   if (!current_method_.is_valid()) {
     // If no authentication method has been chosen, see if we can optimistically
     // choose one.
     scoped_ptr<buzz::XmlElement> result;
-    current_authenticator_ = CreatePreferredAuthenticator();
+    CreatePreferredAuthenticator();
     if (current_authenticator_) {
       DCHECK(current_authenticator_->state() == MESSAGE_READY);
       result = GetNextMessageInternal();
     } else {
       result = CreateEmptyAuthenticatorMessage();
     }
-

[Wez, 2013/05/18 20:08:36]

nit: Restore this blank line, please. :)

[Jamie, 2013/05/21 01:24:34]

Done.

     // Include a list of supported methods.
     std::stringstream supported_methods(std::stringstream::out);
     for (std::vector<AuthenticationMethod>::iterator it = methods_.begin();
          it != methods_.end(); ++it) {
       if (it != methods_.begin())
         supported_methods << kSupportedMethodsSeparator;
       supported_methods << it->ToString();
     }
     result->AddAttr(kSupportedMethodsAttributeQName, supported_methods.str());
     state_ = WAITING_MESSAGE;
     return result.Pass();
   }
   return GetNextMessageInternal();
 }
 
 void NegotiatingClientAuthenticator::CreateAuthenticatorForCurrentMethod(
     Authenticator::State preferred_initial_state,
     const base::Closure& resume_callback) {
   DCHECK(current_method_.is_valid());
   if (current_method_.type() == AuthenticationMethod::THIRD_PARTY) {
     // |ThirdPartyClientAuthenticator| takes ownership of |token_fetcher_|.
     // The authentication method negotiation logic should guarantee that only
     // one |ThirdPartyClientAuthenticator| will need to be created per session.
     DCHECK(token_fetcher_);
     current_authenticator_.reset(new ThirdPartyClientAuthenticator(
         token_fetcher_.Pass()));
     resume_callback.Run();
   } else {

[rmsousa, 2013/05/17 20:09:03]

Nits:
Please add a DCHECK that the method is spake or spakepair (that serves as
documentation that those (and only those) are intentionally handled by this
else).

Also, please add a // TODO: add a parameter to fetch_secret_callback for whether
pairing is supported.

[Jamie, 2013/05/21 01:24:34]

Done.

     fetch_secret_callback_.Run(base::Bind(
         &NegotiatingClientAuthenticator::CreateV2AuthenticatorWithSecret,
         weak_factory_.GetWeakPtr(), preferred_initial_state, resume_callback));
   }
 }
 
-scoped_ptr<Authenticator>
-NegotiatingClientAuthenticator::CreatePreferredAuthenticator() {
-  NOTIMPLEMENTED();
-  return scoped_ptr<Authenticator>();
+void NegotiatingClientAuthenticator::CreatePreferredAuthenticator() {
+  if (!client_pairing_id_.empty() && !shared_secret_.empty()) {
+    // If the client specified a pairing id and shared secret, then create a
+    // PairingAuthenticator.
+    current_authenticator_.reset(new PairingClientAuthenticator(
+        client_pairing_id_, shared_secret_, fetch_secret_callback_,
+        authentication_tag_));
+    current_method_ = AuthenticationMethod::Spake2Pair();
+  }
 }
 
 void NegotiatingClientAuthenticator::CreateV2AuthenticatorWithSecret(
     Authenticator::State initial_state,
     const base::Closure& resume_callback,
     const std::string& shared_secret) {
   current_authenticator_ = V2Authenticator::CreateForClient(
       AuthenticationMethod::ApplyHashFunction(
           current_method_.hash_function(), authentication_tag_, shared_secret),
       initial_state);
   resume_callback.Run();
 }
 
 }  // namespace protocol
 }  // namespace remoting