Index: remoting/protocol/pairing_client_authenticator.cc |
diff --git a/remoting/protocol/pairing_client_authenticator.cc b/remoting/protocol/pairing_client_authenticator.cc |
new file mode 100644 |
index 0000000000000000000000000000000000000000..929e62822d5215a5a739b6bb3adea3c05e372aca |
--- /dev/null |
+++ b/remoting/protocol/pairing_client_authenticator.cc |
@@ -0,0 +1,134 @@ |
+// Copyright 2013 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#include "remoting/protocol/pairing_client_authenticator.h" |
+ |
+#include "base/bind.h" |
+#include "base/logging.h" |
+#include "remoting/base/constants.h" |
+#include "remoting/base/rsa_key_pair.h" |
+#include "remoting/protocol/authentication_method.h" |
+#include "remoting/protocol/channel_authenticator.h" |
+#include "remoting/protocol/v2_authenticator.h" |
+#include "third_party/libjingle/source/talk/xmllite/xmlelement.h" |
+ |
+namespace remoting { |
+namespace protocol { |
+ |
+namespace { |
+// These definitions must be kept in sync with pairing_host_authenticator.cc. |
+const buzz::StaticQName kPairingInfoTag = |
+ { kChromotingXmlNamespace, "pairing-info" }; |
+const buzz::StaticQName kClientIdAttribute = |
+ { "", "client-id" }; |
+const buzz::StaticQName kPairingFailedTag = |
+ { kChromotingXmlNamespace, "pairing-failed" }; |
+const buzz::StaticQName kPairingErrorAttribute = |
+ { "", "error" }; |
+} |
+ |
+PairingClientAuthenticator::PairingClientAuthenticator( |
+ const std::string& client_id, |
+ const std::string& paired_secret, |
+ const FetchSecretCallback& fetch_pin_callback, |
+ const std::string& authentication_tag) |
+ : pairing_state_(MESSAGE_READY), |
+ client_id_(client_id), |
+ paired_secret_(paired_secret), |
+ fetch_pin_callback_(fetch_pin_callback), |
+ authentication_tag_(authentication_tag), |
+ pairing_failed_(false), |
+ weak_factory_(this) { |
+} |
+ |
+Authenticator::State PairingClientAuthenticator::state() const { |
+ if (pairing_state_ == ACCEPTED || pairing_state_ == REJECTED) { |
+ DCHECK(v2_authenticator_); |
+ return v2_authenticator_->state(); |
+ } else { |
+ return pairing_state_; |
+ } |
+} |
+ |
+Authenticator::RejectionReason |
+PairingClientAuthenticator::rejection_reason() const { |
+ DCHECK(v2_authenticator_); |
+ return v2_authenticator_->rejection_reason(); |
+} |
+ |
+void PairingClientAuthenticator::ProcessMessage( |
+ const buzz::XmlElement* message, |
+ const base::Closure& resume_callback) { |
+ DCHECK_EQ(state(), WAITING_MESSAGE); |
+ |
+ if (v2_authenticator_) { |
rmsousa
2013/05/16 20:11:02
This isn't really necessary, the else case below a
Jamie
2013/05/16 21:09:10
I realized the same thing when I was implementing
|
+ v2_authenticator_->ProcessMessage(message, resume_callback); |
+ return; |
+ } |
+ |
+ const buzz::XmlElement* pairing_failed_tag = |
+ message->FirstNamed(kPairingFailedTag); |
+ |
+ if (pairing_failed_tag) { |
+ // If pairing failed, prompt the user for the PIN and try again. |
+ std::string error = pairing_failed_tag->Attr(kPairingErrorAttribute); |
+ LOG(INFO) << "Pairing failed: " << error; |
+ pairing_state_ = PROCESSING_MESSAGE; |
+ SecretFetchedCallback callback = base::Bind( |
+ &PairingClientAuthenticator::CreateV2AuthenticatorWithPIN, |
+ weak_factory_.GetWeakPtr(), message, resume_callback); |
rmsousa
2013/05/16 20:11:02
Strange, I think passing a naked pointer here shou
Jamie
2013/05/16 21:09:10
Done.
|
+ fetch_pin_callback_.Run(callback); |
+ return; |
+ |
+ } else { |
+ // If it's not a pairing error message, create the V2 authenticator |
+ // backed by the paired secret if it doesn't already exist, and let |
+ // it process the message. |
+ if (!v2_authenticator_) { |
+ pairing_state_ = ACCEPTED; |
+ v2_authenticator_ = V2Authenticator::CreateForClient( |
+ paired_secret_, WAITING_MESSAGE); |
+ } |
+ v2_authenticator_->ProcessMessage(message, resume_callback); |
+ } |
+} |
+ |
+scoped_ptr<buzz::XmlElement> PairingClientAuthenticator::GetNextMessage() { |
+ DCHECK_EQ(state(), MESSAGE_READY); |
+ |
+ // If the initial message has not yet been sent, return it now. |
+ if (pairing_state_ == MESSAGE_READY) { |
+ scoped_ptr<buzz::XmlElement> result = CreateEmptyAuthenticatorMessage(); |
+ buzz::XmlElement* pairing_tag = new buzz::XmlElement(kPairingInfoTag); |
+ pairing_tag->AddAttr(kClientIdAttribute, client_id_); |
+ result->AddElement(pairing_tag); |
+ pairing_state_ = WAITING_MESSAGE; |
+ return result.Pass(); |
+ } |
+ |
+ // In all other cases, defer to the underlying authenticator. |
+ DCHECK(v2_authenticator_); |
+ return v2_authenticator_->GetNextMessage(); |
+} |
+ |
+scoped_ptr<ChannelAuthenticator> |
+PairingClientAuthenticator::CreateChannelAuthenticator() const { |
+ return v2_authenticator_->CreateChannelAuthenticator(); |
+} |
+ |
+void PairingClientAuthenticator::CreateV2AuthenticatorWithPIN( |
+ const buzz::XmlElement* message, |
+ const base::Closure& resume_callback, |
+ const std::string& pin) { |
+ pairing_state_ = REJECTED; |
+ v2_authenticator_ = V2Authenticator::CreateForClient( |
+ AuthenticationMethod::ApplyHashFunction( |
+ AuthenticationMethod::HMAC_SHA256, |
+ authentication_tag_, pin), |
+ WAITING_MESSAGE); |
+ ProcessMessage(message, resume_callback); |
+} |
+ |
+} // namespace protocol |
+} // namespace remoting |
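Review bot: In `ProcessMessage`, the `pairing-failed` branch runs while `v2_authenticator_` is still null, so it acts on a message that nothing in this file has authenticated yet, and it writes the peer-supplied `error` attribute straight into `LOG(INFO)`. Whether a lower layer already protects that message is not visible here, so I would document the trust assumption at the branch, e.g. `// This message is unauthenticated: it may only trigger the PIN fallback, never be trusted for anything else.` The logged value should be treated as untrusted text and bounded, for example `LOG(INFO) << "Pairing failed: " << error.substr(0, 64);`, or mapped to a known set of error codes if the host side defines one. Separately, `CreateChannelAuthenticator()` dereferences `v2_authenticator_` without the `DCHECK(v2_authenticator_);` that `state()`, `rejection_reason()` and `GetNextMessage()` carry. Adding it keeps the precondition explicit, though a `DCHECK` is typically compiled out of release builds, so callers still have to respect the state machine.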