| Index: remoting/host/token_validator_base.cc
|
| diff --git a/remoting/host/token_validator_factory_impl.cc b/remoting/host/token_validator_base.cc
|
| similarity index 51%
|
| copy from remoting/host/token_validator_factory_impl.cc
|
| copy to remoting/host/token_validator_base.cc
|
| index f5cc5ab12dbb2b8638748e8c83c90c21df2059ac..c872222037aa217d53b76907602b76389eedf6eb 100644
|
| --- a/remoting/host/token_validator_factory_impl.cc
|
| +++ b/remoting/host/token_validator_base.cc
|
| @@ -2,21 +2,17 @@
|
| // Use of this source code is governed by a BSD-style license that can be
|
| // found in the LICENSE file.
|
|
|
| -#include "remoting/host/token_validator_factory_impl.h"
|
| -
|
| -#include <set>
|
| +#include "remoting/host/token_validator_base.h"
|
|
|
| #include "base/base64.h"
|
| #include "base/bind.h"
|
| #include "base/callback.h"
|
| #include "base/json/json_reader.h"
|
| -#include "base/location.h"
|
| #include "base/logging.h"
|
| #include "base/memory/weak_ptr.h"
|
| #include "base/single_thread_task_runner.h"
|
| #include "base/strings/string_util.h"
|
| #include "base/values.h"
|
| -#include "crypto/random.h"
|
| #include "net/base/escape.h"
|
| #include "net/base/io_buffer.h"
|
| #include "net/base/request_priority.h"
|
| @@ -34,13 +30,10 @@
|
| #include "net/url_request/url_request.h"
|
| #include "net/url_request/url_request_context.h"
|
| #include "net/url_request/url_request_status.h"
|
| -#include "remoting/base/rsa_key_pair.h"
|
| #include "url/gurl.h"
|
|
|
| namespace {
|
|
|
| -// Length in bytes of the cryptographic nonce used to salt the token scope.
|
| -const size_t kNonceLength = 16; // 128 bits.
|
| const int kBufferSize = 4096;
|
| const char kCertIssuerWildCard[] = "*";
|
|
|
| @@ -48,80 +41,24 @@ const char kCertIssuerWildCard[] = "*";
|
|
|
| namespace remoting {
|
|
|
| -class TokenValidatorImpl
|
| - : public net::URLRequest::Delegate,
|
| - public protocol::ThirdPartyHostAuthenticator::TokenValidator {
|
| - public:
|
| - TokenValidatorImpl(
|
| - const ThirdPartyAuthConfig& third_party_auth_config,
|
| - scoped_refptr<RsaKeyPair> key_pair,
|
| - const std::string& local_jid,
|
| - const std::string& remote_jid,
|
| - scoped_refptr<net::URLRequestContextGetter> request_context_getter);
|
| - virtual ~TokenValidatorImpl();
|
| -
|
| - // TokenValidator interface.
|
| - virtual const GURL& token_url() const OVERRIDE;
|
| - virtual const std::string& token_scope() const OVERRIDE;
|
| - virtual void ValidateThirdPartyToken(
|
| - const std::string& token,
|
| - const base::Callback<void(
|
| - const std::string& shared_secret)>& on_token_validated) OVERRIDE;
|
| -
|
| - // URLFetcherDelegate interface.
|
| - virtual void OnResponseStarted(net::URLRequest* source) OVERRIDE;
|
| - virtual void OnReadCompleted(net::URLRequest* source,
|
| - int bytes_read) OVERRIDE;
|
| - virtual void OnCertificateRequested(
|
| - net::URLRequest* source,
|
| - net::SSLCertRequestInfo* cert_request_info) OVERRIDE;
|
| -
|
| - private:
|
| - static std::string CreateScope(const std::string& local_jid,
|
| - const std::string& remote_jid);
|
| -
|
| - void OnCertificatesSelected(net::CertificateList* selected_certs,
|
| - net::ClientCertStore* unused);
|
| - bool IsValidScope(const std::string& token_scope);
|
| - std::string ProcessResponse();
|
| -
|
| - std::string post_body_;
|
| - scoped_ptr<net::URLRequest> request_;
|
| - scoped_refptr<net::IOBuffer> buffer_;
|
| - std::string data_;
|
| - ThirdPartyAuthConfig third_party_auth_config_;
|
| - scoped_refptr<RsaKeyPair> key_pair_;
|
| - std::string token_scope_;
|
| - scoped_refptr<net::URLRequestContextGetter> request_context_getter_;
|
| - base::Callback<void(const std::string& shared_secret)> on_token_validated_;
|
| -
|
| - base::WeakPtrFactory<TokenValidatorImpl> weak_factory_;
|
| -
|
| - DISALLOW_COPY_AND_ASSIGN(TokenValidatorImpl);
|
| -};
|
| -
|
| -TokenValidatorImpl::TokenValidatorImpl(
|
| +TokenValidatorBase::TokenValidatorBase(
|
| const ThirdPartyAuthConfig& third_party_auth_config,
|
| - scoped_refptr<RsaKeyPair> key_pair,
|
| - const std::string& local_jid,
|
| - const std::string& remote_jid,
|
| + const std::string& token_scope,
|
| scoped_refptr<net::URLRequestContextGetter> request_context_getter)
|
| - : buffer_(new net::IOBuffer(kBufferSize)),
|
| - third_party_auth_config_(third_party_auth_config),
|
| - key_pair_(key_pair),
|
| + : third_party_auth_config_(third_party_auth_config),
|
| + token_scope_(token_scope),
|
| request_context_getter_(request_context_getter),
|
| + buffer_(new net::IOBuffer(kBufferSize)),
|
| weak_factory_(this) {
|
| DCHECK(third_party_auth_config_.token_url.is_valid());
|
| DCHECK(third_party_auth_config_.token_validation_url.is_valid());
|
| - DCHECK(key_pair_.get());
|
| - token_scope_ = CreateScope(local_jid, remote_jid);
|
| }
|
|
|
| -TokenValidatorImpl::~TokenValidatorImpl() {
|
| +TokenValidatorBase::~TokenValidatorBase() {
|
| }
|
|
|
| // TokenValidator interface.
|
| -void TokenValidatorImpl::ValidateThirdPartyToken(
|
| +void TokenValidatorBase::ValidateThirdPartyToken(
|
| const std::string& token,
|
| const base::Callback<void(
|
| const std::string& shared_secret)>& on_token_validated) {
|
| @@ -130,38 +67,19 @@ void TokenValidatorImpl::ValidateThirdPartyToken(
|
|
|
| on_token_validated_ = on_token_validated;
|
|
|
| - post_body_ = "code=" + net::EscapeUrlEncodedData(token, true) +
|
| - "&client_id=" + net::EscapeUrlEncodedData(
|
| - key_pair_->GetPublicKey(), true) +
|
| - "&client_secret=" + net::EscapeUrlEncodedData(
|
| - key_pair_->SignMessage(token), true) +
|
| - "&grant_type=authorization_code";
|
| -
|
| - request_ = request_context_getter_->GetURLRequestContext()->CreateRequest(
|
| - third_party_auth_config_.token_validation_url, net::DEFAULT_PRIORITY,
|
| - this);
|
| - request_->SetExtraRequestHeaderByName(
|
| - net::HttpRequestHeaders::kContentType,
|
| - "application/x-www-form-urlencoded", true);
|
| - request_->set_method("POST");
|
| - scoped_ptr<net::UploadElementReader> reader(
|
| - new net::UploadBytesElementReader(
|
| - post_body_.data(), post_body_.size()));
|
| - request_->set_upload(make_scoped_ptr(
|
| - net::UploadDataStream::CreateWithReader(reader.Pass(), 0)));
|
| - request_->Start();
|
| + StartValidateRequest(token);
|
| }
|
|
|
| -const GURL& TokenValidatorImpl::token_url() const {
|
| +const GURL& TokenValidatorBase::token_url() const {
|
| return third_party_auth_config_.token_url;
|
| }
|
|
|
| -const std::string& TokenValidatorImpl::token_scope() const {
|
| +const std::string& TokenValidatorBase::token_scope() const {
|
| return token_scope_;
|
| }
|
|
|
| // URLFetcherDelegate interface.
|
| -void TokenValidatorImpl::OnResponseStarted(net::URLRequest* source) {
|
| +void TokenValidatorBase::OnResponseStarted(net::URLRequest* source) {
|
| DCHECK_EQ(request_.get(), source);
|
|
|
| int bytes_read = 0;
|
| @@ -169,7 +87,7 @@ void TokenValidatorImpl::OnResponseStarted(net::URLRequest* source) {
|
| OnReadCompleted(request_.get(), bytes_read);
|
| }
|
|
|
| -void TokenValidatorImpl::OnReadCompleted(net::URLRequest* source,
|
| +void TokenValidatorBase::OnReadCompleted(net::URLRequest* source,
|
| int bytes_read) {
|
| DCHECK_EQ(request_.get(), source);
|
|
|
| @@ -189,7 +107,7 @@ void TokenValidatorImpl::OnReadCompleted(net::URLRequest* source,
|
| }
|
| }
|
|
|
| -void TokenValidatorImpl::OnCertificateRequested(
|
| +void TokenValidatorBase::OnCertificateRequested(
|
| net::URLRequest* source,
|
| net::SSLCertRequestInfo* cert_request_info) {
|
| DCHECK_EQ(request_.get(), source);
|
| @@ -211,12 +129,12 @@ void TokenValidatorImpl::OnCertificateRequested(
|
| net::CertificateList* selected_certs(new net::CertificateList());
|
| client_cert_store->GetClientCerts(
|
| *cert_request_info, selected_certs,
|
| - base::Bind(&TokenValidatorImpl::OnCertificatesSelected,
|
| + base::Bind(&TokenValidatorBase::OnCertificatesSelected,
|
| weak_factory_.GetWeakPtr(), base::Owned(selected_certs),
|
| base::Owned(client_cert_store)));
|
| }
|
|
|
| -void TokenValidatorImpl::OnCertificatesSelected(
|
| +void TokenValidatorBase::OnCertificatesSelected(
|
| net::CertificateList* selected_certs,
|
| net::ClientCertStore* unused) {
|
| const std::string& issuer =
|
| @@ -233,22 +151,12 @@ void TokenValidatorImpl::OnCertificatesSelected(
|
| }
|
| }
|
|
|
| -bool TokenValidatorImpl::IsValidScope(const std::string& token_scope) {
|
| +bool TokenValidatorBase::IsValidScope(const std::string& token_scope) {
|
| // TODO(rmsousa): Deal with reordering/subsets/supersets/aliases/etc.
|
| return token_scope == token_scope_;
|
| }
|
|
|
| -std::string TokenValidatorImpl::CreateScope(
|
| - const std::string& local_jid,
|
| - const std::string& remote_jid) {
|
| - std::string nonce_bytes;
|
| - crypto::RandBytes(WriteInto(&nonce_bytes, kNonceLength + 1), kNonceLength);
|
| - std::string nonce;
|
| - base::Base64Encode(nonce_bytes, &nonce);
|
| - return "client:" + remote_jid + " host:" + local_jid + " nonce:" + nonce;
|
| -}
|
| -
|
| -std::string TokenValidatorImpl::ProcessResponse() {
|
| +std::string TokenValidatorBase::ProcessResponse() {
|
| // Verify that we got a successful response.
|
| net::URLRequestStatus status = request_->status();
|
| if (!status.is_success()) {
|
| @@ -287,26 +195,4 @@ std::string TokenValidatorImpl::ProcessResponse() {
|
| return shared_secret;
|
| }
|
|
|
| -TokenValidatorFactoryImpl::TokenValidatorFactoryImpl(
|
| - const ThirdPartyAuthConfig& third_party_auth_config,
|
| - scoped_refptr<RsaKeyPair> key_pair,
|
| - scoped_refptr<net::URLRequestContextGetter> request_context_getter)
|
| - : third_party_auth_config_(third_party_auth_config),
|
| - key_pair_(key_pair),
|
| - request_context_getter_(request_context_getter) {
|
| -}
|
| -
|
| -TokenValidatorFactoryImpl::~TokenValidatorFactoryImpl() {
|
| -}
|
| -
|
| -scoped_ptr<protocol::ThirdPartyHostAuthenticator::TokenValidator>
|
| -TokenValidatorFactoryImpl::CreateTokenValidator(
|
| - const std::string& local_jid,
|
| - const std::string& remote_jid) {
|
| - return scoped_ptr<protocol::ThirdPartyHostAuthenticator::TokenValidator>(
|
| - new TokenValidatorImpl(third_party_auth_config_,
|
| - key_pair_, local_jid, remote_jid,
|
| - request_context_getter_));
|
| -}
|
| -
|
| } // namespace remoting
|
|
|
Chromium Code Reviews
Issue 165293004:
Refactor TokenValidatorImpl into a base class + implementation. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src