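--- a/remoting/protocol/negotiating_authenticator_base.h
+++ b/remoting/protocol/negotiating_authenticator_base.h
@@ -1,24 +1,24 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef REMOTING_PROTOCOL_NEGOTIATING_AUTHENTICATOR_BASE_H_
 #define REMOTING_PROTOCOL_NEGOTIATING_AUTHENTICATOR_BASE_H_
 
 #include <string>
 #include <vector>
 
+#include "base/gtest_prod_util.h"
 #include "base/macros.h"
 #include "base/memory/ref_counted.h"
 #include "base/memory/scoped_ptr.h"
-#include "remoting/protocol/authentication_method.h"
 #include "remoting/protocol/authenticator.h"
 #include "third_party/webrtc/libjingle/xmllite/xmlelement.h"
 
 namespace remoting {
 namespace protocol {
 
 // This class provides the common base for a meta-authenticator that allows
 // clients and hosts that support multiple authentication methods to negotiate a
 // method to use.
 //
@@ -53,59 +53,74 @@
 // * The client may optimistically pick a method on its first message (assuming
 // it doesn't require user interaction to start). If the host doesn't
 // support that method, it will just discard that message, and choose
 // another method from the client's supported methods list.
 // * The host never sends its own supported methods back to the client, so once
 // the host picks a method from the client's list, it's final.
 // * Any change in this class must maintain compatibility between any version
 // mix of webapp, client plugin and host, for both Me2Me and IT2Me.
 class NegotiatingAuthenticatorBase : public Authenticator {
 public:
+// Method represents an authentication algorithm.
+enum class Method {
+INVALID,
+SPAKE2_SHARED_SECRET_PLAIN,
+SPAKE2_SHARED_SECRET_HMAC,
+SPAKE2_PAIR,
+THIRD_PARTY,
+};
+
 ~NegotiatingAuthenticatorBase() override;
 
 // Authenticator interface.
 State state() const override;
 bool started() const override;
 RejectionReason rejection_reason() const override;
 const std::string& GetAuthKey() const override;
 scoped_ptr<ChannelAuthenticator> CreateChannelAuthenticator() const override;
 
 // Calls |current_authenticator_| to process |message|, passing the supplied
 // |resume_callback|.
 void ProcessMessageInternal(const buzz::XmlElement* message,
 const base::Closure& resume_callback);
 
-const AuthenticationMethod& current_method_for_testing() const {
-return current_method_;
-}
+protected:
+friend class NegotiatingAuthenticatorTest;
+FRIEND_TEST_ALL_PREFIXES(NegotiatingAuthenticatorTest, IncompatibleMethods);
 
-protected:
 static const buzz::StaticQName kMethodAttributeQName;
 static const buzz::StaticQName kSupportedMethodsAttributeQName;
 static const char kSupportedMethodsSeparator;
 
+// Parses a string that defines an authentication method. Returns
+// Method::INVALID if the string is invalid.
+static Method ParseMethodString(const std::string& value);
+
+// Returns string representation of |method|.
+static std::string MethodToString(Method method);
+
 explicit NegotiatingAuthenticatorBase(Authenticator::State initial_state);
 
-void AddMethod(AuthenticationMethod method);
+void AddMethod(Method method);
 
 // Updates |state_| to reflect the current underlying authenticator state.
 // |resume_callback| is called after the state is updated.
 void UpdateState(const base::Closure& resume_callback);
 
 // Gets the next message from |current_authenticator_|, if any, and fills in
 // the 'method' tag with |current_method_|.
 virtual scoped_ptr<buzz::XmlElement> GetNextMessageInternal();
 
-std::vector<AuthenticationMethod> methods_;
-AuthenticationMethod current_method_ = AuthenticationMethod::INVALID;
+std::vector<Method> methods_;
+Method current_method_ = Method::INVALID;
 scoped_ptr<Authenticator> current_authenticator_;
 State state_;
 RejectionReason rejection_reason_ = INVALID_CREDENTIALS;
 
 private:
 DISALLOW_COPY_AND_ASSIGN(NegotiatingAuthenticatorBase);
 };
 
 } // namespace protocol
 } // namespace remoting
 
 #endif // REMOTING_PROTOCOL_NEGOTIATING_AUTHENTICATOR_BASE_H_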
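Review bot: `ParseMethodString` (new lines 94-96) is the point where a peer-supplied method name becomes a `Method`, but the header leaves unstated what callers must do with a `Method::INVALID` result — `AddMethod(Method method)` on new line 103 and `methods_` carry no documented exclusion of `INVALID`, so an unknown entry from what `kSupportedMethodsAttributeQName` suggests is the peer's supported-methods attribute could presumably reach the negotiable list or `current_method_` unless the .cc (not in this diff) filters it. I would state the invariant on `AddMethod`: `// |method| must not be Method::INVALID; callers must reject INVALID results from ParseMethodString() before adding them.` and enforce it with a `DCHECK_NE(method, Method::INVALID);` in the definition. `MethodToString` should also document what it returns for `Method::INVALID`, since the comment on `GetNextMessageInternal` says `current_method_` is written into the outgoing 'method' tag. The enum values themselves are undocumented; a one-line comment per value, at least distinguishing `SPAKE2_SHARED_SECRET_PLAIN` from `SPAKE2_SHARED_SECRET_HMAC` (the names suggest they differ in how the shared secret is processed before the exchange — to be confirmed against the .cc), would help reviewers of future negotiation changes. The first part of the class comment is elided from this view, so any existing note there on INVALID handling is not visible.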