OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "remoting/protocol/pairing_client_authenticator.h" | |
6 | |
7 #include "base/bind.h" | |
8 #include "base/logging.h" | |
9 #include "remoting/base/constants.h" | |
10 #include "remoting/base/rsa_key_pair.h" | |
11 #include "remoting/protocol/authentication_method.h" | |
12 #include "remoting/protocol/channel_authenticator.h" | |
13 #include "remoting/protocol/v2_authenticator.h" | |
14 #include "third_party/libjingle/source/talk/xmllite/xmlelement.h" | |
15 | |
16 namespace remoting { | |
17 namespace protocol { | |
18 | |
19 namespace { | |
20 // These definitions must be kept in sync with pairing_host_authenticator.cc. | |
21 const buzz::StaticQName kPairingInfoTag = | |
22 { kChromotingXmlNamespace, "pairing-info" }; | |
23 const buzz::StaticQName kClientIdAttribute = | |
24 { "", "client-id" }; | |
25 const buzz::StaticQName kPairingFailedTag = | |
26 { kChromotingXmlNamespace, "pairing-failed" }; | |
27 const buzz::StaticQName kPairingErrorAttribute = | |
28 { "", "error" }; | |
29 } | |
30 | |
31 PairingClientAuthenticator::PairingClientAuthenticator( | |
32 const std::string& client_id, | |
33 const std::string& shared_secret, | |
34 const FetchSecretCallback& fetch_secret_callback, | |
35 const std::string& authentication_tag) | |
36 : pairing_state_(MESSAGE_READY), | |
37 client_id_(client_id), | |
38 shared_secret_(shared_secret), | |
39 fetch_secret_callback_(fetch_secret_callback), | |
40 authentication_tag_(authentication_tag), | |
41 pairing_failed_(false), | |
42 weak_factory_(this) { | |
43 } | |
44 | |
45 Authenticator::State PairingClientAuthenticator::state() const { | |
46 if (pairing_state_ == ACCEPTED || pairing_state_ == REJECTED) { | |
47 DCHECK(v2_authenticator_); | |
48 return v2_authenticator_->state(); | |
49 } else { | |
50 return pairing_state_; | |
51 } | |
52 } | |
53 | |
54 Authenticator::RejectionReason | |
55 PairingClientAuthenticator::rejection_reason() const { | |
56 DCHECK(v2_authenticator_); | |
57 return v2_authenticator_->rejection_reason(); | |
58 } | |
59 | |
60 void PairingClientAuthenticator::ProcessMessage( | |
61 const buzz::XmlElement* message, | |
62 const base::Closure& resume_callback) { | |
rmsousa
2013/05/16 00:46:25
please DCHECK_EQ(state(), WAITING_MESSAGE)
Jamie
2013/05/16 19:30:16
Done.
| |
63 const buzz::XmlElement* pairing_failed_tag = | |
64 message->FirstNamed(kPairingFailedTag); | |
65 if (pairing_failed_tag) { | |
66 // If pairing failed, prompt the user for the PIN and try again. | |
67 std::string error = pairing_failed_tag->Attr(kPairingErrorAttribute); | |
68 LOG(INFO) << "Pairing failed: " << error; | |
69 pairing_state_ = PROCESSING_MESSAGE; | |
70 SecretFetchedCallback callback = base::Bind( | |
71 &PairingClientAuthenticator::CreateV2AuthenticatorWithSecret, | |
72 weak_factory_.GetWeakPtr(), resume_callback); | |
73 fetch_secret_callback_.Run(callback); | |
74 return; | |
75 } else { | |
rmsousa
2013/05/16 00:46:25
This could either be a PIN based V2 message or a S
Jamie
2013/05/16 19:30:16
If the pairing authenticator is in use, then the c
rmsousa
2013/05/16 20:11:02
I see. But I think you'll need to use this authent
| |
76 // If it's not a pairing error message, create the V2 authenticator | |
77 // backed by the shared secret if it doesn't already exist, and let | |
78 // it process the message. | |
79 if (!v2_authenticator_) { | |
80 pairing_state_ = ACCEPTED; | |
81 v2_authenticator_ = V2Authenticator::CreateForClient( | |
82 shared_secret_, WAITING_MESSAGE); | |
83 } | |
84 v2_authenticator_->ProcessMessage(message, resume_callback); | |
85 } | |
86 } | |
87 | |
88 scoped_ptr<buzz::XmlElement> PairingClientAuthenticator::GetNextMessage() { | |
89 // If the initial message has not yet been sent, return it now. | |
rmsousa
2013/05/16 00:46:25
Please DCHECK_EQ(state(), MESSAGE_READY)
Jamie
2013/05/16 19:30:16
Done.
| |
90 if (pairing_state_ == MESSAGE_READY) { | |
91 scoped_ptr<buzz::XmlElement> result = CreateEmptyAuthenticatorMessage(); | |
92 buzz::XmlElement* pairing_tag = new buzz::XmlElement(kPairingInfoTag); | |
93 pairing_tag->AddAttr(kClientIdAttribute, client_id_); | |
94 result->AddElement(pairing_tag); | |
95 pairing_state_ = WAITING_MESSAGE; | |
96 return result.Pass(); | |
97 } | |
98 // In all other cases, defer to the underlying authenticator. | |
99 DCHECK(v2_authenticator_); | |
100 return v2_authenticator_->GetNextMessage(); | |
101 } | |
102 | |
103 scoped_ptr<ChannelAuthenticator> | |
104 PairingClientAuthenticator::CreateChannelAuthenticator() const { | |
105 return v2_authenticator_->CreateChannelAuthenticator(); | |
106 } | |
107 | |
108 void PairingClientAuthenticator::CreateV2AuthenticatorWithSecret( | |
109 const base::Closure& resume_callback, | |
110 const std::string& shared_secret) { | |
rmsousa
2013/05/16 00:46:25
Nit: The term "Secret" is a bit ambiguous here, so
Jamie
2013/05/16 19:30:16
Fair point. I've made the authenticator classes re
| |
111 pairing_state_ = REJECTED; | |
112 v2_authenticator_ = V2Authenticator::CreateForClient( | |
113 AuthenticationMethod::ApplyHashFunction( | |
114 AuthenticationMethod::HMAC_SHA256, | |
115 authentication_tag_, shared_secret), | |
116 MESSAGE_READY); | |
117 resume_callback.Run(); | |
118 } | |
119 | |
120 } // namespace protocol | |
121 } // namespace remoting | |
OLD | NEW |