Index: remoting/protocol/pairing_host_authenticator.cc |
diff --git a/remoting/protocol/pairing_host_authenticator.cc b/remoting/protocol/pairing_host_authenticator.cc |
new file mode 100644 |
index 0000000000000000000000000000000000000000..a1fa8ef82cc632f3736cf702619db971c41364f5 |
--- /dev/null |
+++ b/remoting/protocol/pairing_host_authenticator.cc |
@@ -0,0 +1,140 @@ |
+// Copyright 2013 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#include "remoting/protocol/pairing_host_authenticator.h" |
+ |
+#include "base/logging.h" |
+#include "remoting/base/constants.h" |
+#include "remoting/base/rsa_key_pair.h" |
+#include "remoting/protocol/channel_authenticator.h" |
+#include "remoting/protocol/pairing_registry.h" |
+#include "remoting/protocol/v2_authenticator.h" |
+#include "third_party/libjingle/source/talk/xmllite/xmlelement.h" |
+ |
+namespace remoting { |
+namespace protocol { |
+ |
+namespace { |
+// These definitions must be kept in sync with pairing_client_authenticator.cc. |
+const buzz::StaticQName kPairingInfoTag = |
+ { kChromotingXmlNamespace, "pairing-info" }; |
+const buzz::StaticQName kClientIdAttribute = |
+ { "", "client-id" }; |
+const buzz::StaticQName kPairingFailedTag = |
+ { kChromotingXmlNamespace, "pairing-failed" }; |
+const buzz::StaticQName kPairingErrorAttribute = |
+ { "", "error" }; |
+} |
+ |
+PairingHostAuthenticator::PairingHostAuthenticator( |
+ scoped_refptr<PairingRegistry> pairing_registry, |
+ const std::string& local_cert, |
+ scoped_refptr<RsaKeyPair> key_pair, |
+ const std::string& shared_secret, |
+ State initial_state) |
+ : pairing_registry_(pairing_registry), |
+ local_cert_(local_cert), |
+ key_pair_(key_pair), |
+ shared_secret_(shared_secret), |
+ protocol_error_(false) { |
+ // If the client didn't specify an initial message, use the PIN as the shared |
+ // secret. If it did, the authenticator will be created in ProcessMessage with |
+ // the appropriate secret from the pairing registry. |
+ if (initial_state != WAITING_MESSAGE) { |
+ DCHECK_EQ(initial_state, MESSAGE_READY); |
+ CreateV2AuthenticatorWithPIN(initial_state); |
+ } |
+} |
+ |
+Authenticator::State PairingHostAuthenticator::state() const { |
+ if (protocol_error_) { |
+ return REJECTED; |
+ } else if (!error_message_.empty()) { |
+ return MESSAGE_READY; |
+ } else if (v2_authenticator_) { |
+ return v2_authenticator_->state(); |
+ } else { |
+ return WAITING_MESSAGE; |
+ } |
+} |
+ |
+Authenticator::RejectionReason |
+PairingHostAuthenticator::rejection_reason() const { |
+ DCHECK(v2_authenticator_); |
rmsousa
2013/05/16 00:46:25
if (!v2_authenticator_) return PROTOCOL_ERROR
rmsousa
2013/05/16 20:11:02
Did you miss this one?
Jamie
2013/05/16 21:09:10
I did, but looking at it, it seems redundant given
rmsousa
2013/05/16 22:16:37
Yes, that's what I meant - you needed to handle th
|
+ return v2_authenticator_->rejection_reason(); |
+} |
+ |
+void PairingHostAuthenticator::ProcessMessage( |
+ const buzz::XmlElement* message, |
+ const base::Closure& resume_callback) { |
+ DCHECK_EQ(state(), WAITING_MESSAGE); |
+ |
+ // If there's already an underlying authenticator, defer to it. |
+ if (v2_authenticator_) { |
+ DCHECK_EQ(v2_authenticator_->state(), WAITING_MESSAGE); |
+ v2_authenticator_->ProcessMessage(message, resume_callback); |
+ return; |
+ } |
+ |
+ // If not, then create one based on the contents of the first message. |
+ std::string client_id; |
+ const buzz::XmlElement* pairing_tag = message->FirstNamed(kPairingInfoTag); |
+ if (pairing_tag) { |
rmsousa
2013/05/16 00:46:25
Lack of pairing tag should be an error as well.
rmsousa
2013/05/16 20:11:02
Did you miss this one?
Jamie
2013/05/16 21:09:10
Sorry, yes. Done.
|
+ client_id = pairing_tag->Attr(kClientIdAttribute); |
+ if (client_id.empty()) { |
+ LOG(ERROR) << "No client id specified."; |
+ protocol_error_ = true; |
+ resume_callback.Run(); |
+ return; |
+ } |
+ } |
+ |
+ std::string paired_secret = pairing_registry_->GetSecret(client_id); |
+ |
+ if (paired_secret.empty()) { |
+ LOG(INFO) << "Unknown client id"; |
+ error_message_ = "unknown-client-id"; |
+ CreateV2AuthenticatorWithPIN(WAITING_MESSAGE); |
+ resume_callback.Run(); |
+ return; |
+ } |
+ |
+ v2_authenticator_ = V2Authenticator::CreateForHost( |
+ local_cert_, key_pair_, paired_secret, MESSAGE_READY); |
+ resume_callback.Run(); |
+} |
+ |
+scoped_ptr<buzz::XmlElement> PairingHostAuthenticator::GetNextMessage() { |
+ DCHECK_EQ(state(), MESSAGE_READY); |
+ |
+ if (!error_message_.empty()) { |
+ scoped_ptr<buzz::XmlElement> result = CreateEmptyAuthenticatorMessage(); |
+ buzz::XmlElement* pairing_failed_tag = |
+ new buzz::XmlElement(kPairingFailedTag); |
+ pairing_failed_tag->AddAttr(kPairingErrorAttribute, error_message_); |
+ result->AddElement(pairing_failed_tag); |
+ error_message_.clear(); |
+ return result.Pass(); |
+ |
+ } else { |
+ DCHECK(v2_authenticator_); |
+ return v2_authenticator_->GetNextMessage(); |
+ } |
+} |
+ |
+scoped_ptr<ChannelAuthenticator> |
+PairingHostAuthenticator::CreateChannelAuthenticator() const { |
+ DCHECK(v2_authenticator_); |
+ return v2_authenticator_->CreateChannelAuthenticator(); |
+} |
+ |
+void PairingHostAuthenticator::CreateV2AuthenticatorWithPIN( |
+ State initial_state) { |
+ DCHECK(!v2_authenticator_); |
+ v2_authenticator_ = V2Authenticator::CreateForHost( |
+ local_cert_, key_pair_, shared_secret_, initial_state); |
+} |
+ |
+} // namespace protocol |
+} // namespace remoting |