OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef REMOTING_PROTOCOL_NEGOTIATING_AUTHENTICATOR_BASE_H_ | 5 #ifndef REMOTING_PROTOCOL_NEGOTIATING_AUTHENTICATOR_BASE_H_ |
6 #define REMOTING_PROTOCOL_NEGOTIATING_AUTHENTICATOR_BASE_H_ | 6 #define REMOTING_PROTOCOL_NEGOTIATING_AUTHENTICATOR_BASE_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
11 #include "base/macros.h" | 11 #include "base/macros.h" |
12 #include "base/memory/ref_counted.h" | 12 #include "base/memory/ref_counted.h" |
13 #include "base/memory/scoped_ptr.h" | 13 #include "base/memory/scoped_ptr.h" |
14 #include "remoting/protocol/authentication_method.h" | |
15 #include "remoting/protocol/authenticator.h" | 14 #include "remoting/protocol/authenticator.h" |
16 #include "third_party/webrtc/libjingle/xmllite/xmlelement.h" | 15 #include "third_party/webrtc/libjingle/xmllite/xmlelement.h" |
17 | 16 |
18 namespace remoting { | 17 namespace remoting { |
19 namespace protocol { | 18 namespace protocol { |
20 | 19 |
21 // This class provides the common base for a meta-authenticator that allows | 20 // This class provides the common base for a meta-authenticator that allows |
22 // clients and hosts that support multiple authentication methods to negotiate a | 21 // clients and hosts that support multiple authentication methods to negotiate a |
23 // method to use. | 22 // method to use. |
24 // | 23 // |
53 // * The client may optimistically pick a method on its first message (assuming | 52 // * The client may optimistically pick a method on its first message (assuming |
54 // it doesn't require user interaction to start). If the host doesn't | 53 // it doesn't require user interaction to start). If the host doesn't |
55 // support that method, it will just discard that message, and choose | 54 // support that method, it will just discard that message, and choose |
56 // another method from the client's supported methods list. | 55 // another method from the client's supported methods list. |
57 // * The host never sends its own supported methods back to the client, so once | 56 // * The host never sends its own supported methods back to the client, so once |
58 // the host picks a method from the client's list, it's final. | 57 // the host picks a method from the client's list, it's final. |
59 // * Any change in this class must maintain compatibility between any version | 58 // * Any change in this class must maintain compatibility between any version |
60 // mix of webapp, client plugin and host, for both Me2Me and IT2Me. | 59 // mix of webapp, client plugin and host, for both Me2Me and IT2Me. |
61 class NegotiatingAuthenticatorBase : public Authenticator { | 60 class NegotiatingAuthenticatorBase : public Authenticator { |
62 public: | 61 public: |
62 // Method represents an authentication algorithm. | |
63 enum class Method { | |
64 INVALID, | |
65 SPAKE2_SHARED_SECRET_PLAIN, | |
Jamie
2016/03/08 02:17:38
Unrelated to this CL, but when do we use PLAIN, an
Sergey Ulanov
2016/03/08 18:32:40
It's used for It2Me. It can potentially be switche
| |
66 SPAKE2_SHARED_SECRET_HMAC, | |
67 SPAKE2_PAIR, | |
68 THIRD_PARTY, | |
69 }; | |
70 | |
63 ~NegotiatingAuthenticatorBase() override; | 71 ~NegotiatingAuthenticatorBase() override; |
64 | 72 |
65 // Authenticator interface. | 73 // Authenticator interface. |
66 State state() const override; | 74 State state() const override; |
67 bool started() const override; | 75 bool started() const override; |
68 RejectionReason rejection_reason() const override; | 76 RejectionReason rejection_reason() const override; |
69 const std::string& GetAuthKey() const override; | 77 const std::string& GetAuthKey() const override; |
70 scoped_ptr<ChannelAuthenticator> CreateChannelAuthenticator() const override; | 78 scoped_ptr<ChannelAuthenticator> CreateChannelAuthenticator() const override; |
71 | 79 |
72 // Calls |current_authenticator_| to process |message|, passing the supplied | 80 // Calls |current_authenticator_| to process |message|, passing the supplied |
73 // |resume_callback|. | 81 // |resume_callback|. |
74 void ProcessMessageInternal(const buzz::XmlElement* message, | 82 void ProcessMessageInternal(const buzz::XmlElement* message, |
75 const base::Closure& resume_callback); | 83 const base::Closure& resume_callback); |
76 | 84 |
77 const AuthenticationMethod& current_method_for_testing() const { | 85 protected: |
78 return current_method_; | 86 friend class NegotiatingAuthenticatorTest; |
Jamie
2016/03/08 02:17:38
FRIEND_TEST_ALL_PREFIXES?
Sergey Ulanov
2016/03/08 18:32:40
FRIEND_TEST_ALL_PREFIXES is used to friend specifi
| |
79 } | |
80 | 87 |
81 protected: | |
82 static const buzz::StaticQName kMethodAttributeQName; | 88 static const buzz::StaticQName kMethodAttributeQName; |
83 static const buzz::StaticQName kSupportedMethodsAttributeQName; | 89 static const buzz::StaticQName kSupportedMethodsAttributeQName; |
84 static const char kSupportedMethodsSeparator; | 90 static const char kSupportedMethodsSeparator; |
85 | 91 |
92 // Parses a string that defines an authentication method. Returns | |
93 // Method::INVALID if the string is invalid. | |
94 static Method ParseMethodString(const std::string& value); | |
95 | |
96 // Returns string representation of |method|. | |
97 static std::string MethodToString(Method method); | |
98 | |
86 explicit NegotiatingAuthenticatorBase(Authenticator::State initial_state); | 99 explicit NegotiatingAuthenticatorBase(Authenticator::State initial_state); |
87 | 100 |
88 void AddMethod(AuthenticationMethod method); | 101 void AddMethod(Method method); |
89 | 102 |
90 // Updates |state_| to reflect the current underlying authenticator state. | 103 // Updates |state_| to reflect the current underlying authenticator state. |
91 // |resume_callback| is called after the state is updated. | 104 // |resume_callback| is called after the state is updated. |
92 void UpdateState(const base::Closure& resume_callback); | 105 void UpdateState(const base::Closure& resume_callback); |
93 | 106 |
94 // Gets the next message from |current_authenticator_|, if any, and fills in | 107 // Gets the next message from |current_authenticator_|, if any, and fills in |
95 // the 'method' tag with |current_method_|. | 108 // the 'method' tag with |current_method_|. |
96 virtual scoped_ptr<buzz::XmlElement> GetNextMessageInternal(); | 109 virtual scoped_ptr<buzz::XmlElement> GetNextMessageInternal(); |
97 | 110 |
98 std::vector<AuthenticationMethod> methods_; | 111 std::vector<Method> methods_; |
99 AuthenticationMethod current_method_ = AuthenticationMethod::INVALID; | 112 Method current_method_ = Method::INVALID; |
100 scoped_ptr<Authenticator> current_authenticator_; | 113 scoped_ptr<Authenticator> current_authenticator_; |
101 State state_; | 114 State state_; |
102 RejectionReason rejection_reason_ = INVALID_CREDENTIALS; | 115 RejectionReason rejection_reason_ = INVALID_CREDENTIALS; |
103 | 116 |
104 private: | 117 private: |
105 DISALLOW_COPY_AND_ASSIGN(NegotiatingAuthenticatorBase); | 118 DISALLOW_COPY_AND_ASSIGN(NegotiatingAuthenticatorBase); |
106 }; | 119 }; |
107 | 120 |
108 } // namespace protocol | 121 } // namespace protocol |
109 } // namespace remoting | 122 } // namespace remoting |
110 | 123 |
111 #endif // REMOTING_PROTOCOL_NEGOTIATING_AUTHENTICATOR_BASE_H_ | 124 #endif // REMOTING_PROTOCOL_NEGOTIATING_AUTHENTICATOR_BASE_H_ |
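Review bot: The new `MethodToString(Method method)` declaration does not say what it returns for `Method::INVALID`, although `ParseMethodString` documents `Method::INVALID` as its failure value. The string being parsed appears to come from the peer's method and supported-methods attributes, so the contract at this boundary is worth spelling out. On `ParseMethodString` I would add `// |value| is peer-supplied and untrusted; callers must treat Method::INVALID as an unsupported method and must not pass it to AddMethod().`, and on `MethodToString` either `// |method| must not be Method::INVALID.` or a statement of the string it maps to. The implementations are not in this header, so whether `AddMethod()` or `MethodToString()` already reject `INVALID` cannot be confirmed from here.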