Chromium Code Reviews Chromium Code Reviews
Issue 1770923002:
Remove dependency on V2Authenticator from ThirdParty and pairing authenticators. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef REMOTING_PROTOCOL_AUTHENTICATOR_H_ | 5 #ifndef REMOTING_PROTOCOL_AUTHENTICATOR_H_ |
| 6 #define REMOTING_PROTOCOL_AUTHENTICATOR_H_ | 6 #define REMOTING_PROTOCOL_AUTHENTICATOR_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/callback.h" | 10 #include "base/callback.h" |
| 11 #include "base/memory/scoped_ptr.h" | 11 #include "base/memory/scoped_ptr.h" |
| 12 | 12 |
| 13 namespace buzz { | 13 namespace buzz { |
| 14 class XmlElement; | 14 class XmlElement; |
| 15 } // namespace buzz | 15 } // namespace buzz |
| 16 | 16 |
| 17 namespace remoting { | 17 namespace remoting { |
| 18 namespace protocol { | 18 namespace protocol { |
| 19 | 19 |
| 20 class Authenticator; | |
| 20 class ChannelAuthenticator; | 21 class ChannelAuthenticator; |
| 21 | 22 |
| 22 typedef base::Callback<void(const std::string& secret)> SecretFetchedCallback; | 23 typedef base::Callback<void(const std::string& secret)> SecretFetchedCallback; |
| 23 typedef base::Callback<void( | 24 typedef base::Callback<void( |
| 24 bool pairing_supported, | 25 bool pairing_supported, |
| 25 const SecretFetchedCallback& secret_fetched_callback)> FetchSecretCallback; | 26 const SecretFetchedCallback& secret_fetched_callback)> FetchSecretCallback; |
| 26 | 27 |
| 27 // Authenticator is an abstract interface for authentication protocol | 28 // Authenticator is an abstract interface for authentication protocol |
| 28 // implementations. Different implementations of this interface may be | 29 // implementations. Different implementations of this interface may be used on |
| 29 // used on each side of the connection depending of type of the auth | 30 // each side of the connection depending of type of the authprotocol. Client and |
|
Jamie
2016/03/07 21:40:18
s/authprotocol/auth protocol/
Sergey Ulanov
2016/03/07 22:45:05
Done.
| |
| 30 // protocol. Client and host will repeatedly call their Authenticators | 31 // host will repeatedly call their Authenticators and deliver the messages they |
| 31 // and deliver the messages they generate, until successful | 32 // generate, until successful authentication is reported. |
| 32 // authentication is reported. | |
| 33 // | 33 // |
| 34 // Authenticator may exchange multiple messages before session is | 34 // Authenticator may exchange multiple messages before session is authenticated. |
| 35 // authenticated. Each message sent/received by an Authenticator is | 35 // Each message sent/received by an Authenticator is delivered either in a |
| 36 // delivered either in a session description inside session-initiate | 36 // session description inside session-initiate and session-accept messages or in |
| 37 // and session-accept messages or in a session-info | 37 // a session-info message. Session-info messages are used only if authenticators |
| 38 // message. Session-info messages are used only if authenticators need | 38 // need to exchange more than one message. |
| 39 // to exchange more than one message. | |
| 40 class Authenticator { | 39 class Authenticator { |
| 41 public: | 40 public: |
| 42 // Allowed state transitions: | 41 // Allowed state transitions: |
| 43 // When ProcessMessage() is called: | 42 // When ProcessMessage() is called: |
| 44 // WAITING_MESSAGE -> MESSAGE_READY | 43 // WAITING_MESSAGE -> MESSAGE_READY |
| 45 // WAITING_MESSAGE -> ACCEPTED | 44 // WAITING_MESSAGE -> ACCEPTED |
| 46 // WAITING_MESSAGE -> REJECTED | 45 // WAITING_MESSAGE -> REJECTED |
| 47 // WAITING_MESSAGE -> PROCESSING_MESSAGE | 46 // WAITING_MESSAGE -> PROCESSING_MESSAGE |
| 48 // After asynchronous message processing finishes: | 47 // After asynchronous message processing finishes: |
| 49 /// PROCESSING_MESSAGE -> MESSAGE_READY | 48 /// PROCESSING_MESSAGE -> MESSAGE_READY |
| (...skipping 15 matching lines...) Expand all Loading... | |
| 65 | 64 |
| 66 // Asynchronously processing the last message from the peer. | 65 // Asynchronously processing the last message from the peer. |
| 67 PROCESSING_MESSAGE, | 66 PROCESSING_MESSAGE, |
| 68 }; | 67 }; |
| 69 | 68 |
| 70 enum RejectionReason { | 69 enum RejectionReason { |
| 71 INVALID_CREDENTIALS, | 70 INVALID_CREDENTIALS, |
| 72 PROTOCOL_ERROR, | 71 PROTOCOL_ERROR, |
| 73 }; | 72 }; |
| 74 | 73 |
| 74 // Callback used for layered Authenticator implementations, particularly | |
| 75 // third-party and pairing authenticators. They use this callback to create | |
| 76 // base SPAKE2 authenticators. | |
| 77 typedef base::Callback<scoped_ptr<Authenticator>( | |
| 78 const std::string& shared_secret, | |
| 79 Authenticator::State initial_state)> | |
| 80 CreateBaseAuthenticatorCallback; | |
| 81 | |
| 75 // Returns true if |message| is an Authenticator message. | 82 // Returns true if |message| is an Authenticator message. |
| 76 static bool IsAuthenticatorMessage(const buzz::XmlElement* message); | 83 static bool IsAuthenticatorMessage(const buzz::XmlElement* message); |
| 77 | 84 |
| 78 // Creates an empty Authenticator message, owned by the caller. | 85 // Creates an empty Authenticator message, owned by the caller. |
| 79 static scoped_ptr<buzz::XmlElement> CreateEmptyAuthenticatorMessage(); | 86 static scoped_ptr<buzz::XmlElement> CreateEmptyAuthenticatorMessage(); |
| 80 | 87 |
| 81 // Finds Authenticator message among child elements of |message|, or | 88 // Finds Authenticator message among child elements of |message|, or |
| 82 // returns nullptr otherwise. | 89 // returns nullptr otherwise. |
| 83 static const buzz::XmlElement* FindAuthenticatorMessage( | 90 static const buzz::XmlElement* FindAuthenticatorMessage( |
| 84 const buzz::XmlElement* message); | 91 const buzz::XmlElement* message); |
| 85 | 92 |
| 86 Authenticator() {} | 93 Authenticator() {} |
| 87 virtual ~Authenticator() {} | 94 virtual ~Authenticator() {} |
| 88 | 95 |
| 89 // Returns current state of the authenticator. | 96 // Returns current state of the authenticator. |
| 90 virtual State state() const = 0; | 97 virtual State state() const = 0; |
| 91 | 98 |
| 92 // Returns whether authentication has started. The chromoting host uses this | 99 // Returns whether authentication has started. The chromoting host uses this |
| 93 // method to starts the back off process to prevent malicious clients from | 100 // method to start the back off process to prevent malicious clients from |
| 94 // guessing the PIN by spamming the host with auth requests. | 101 // guessing the PIN by spamming the host with auth requests. |
| 95 virtual bool started() const = 0; | 102 virtual bool started() const = 0; |
| 96 | 103 |
| 97 // Returns rejection reason. Can be called only when in REJECTED state. | 104 // Returns rejection reason. Can be called only when in REJECTED state. |
| 98 virtual RejectionReason rejection_reason() const = 0; | 105 virtual RejectionReason rejection_reason() const = 0; |
| 99 | 106 |
| 100 // Called in response to incoming message received from the peer. | 107 // Called in response to incoming message received from the peer. |
| 101 // Should only be called when in WAITING_MESSAGE state. Caller retains | 108 // Should only be called when in WAITING_MESSAGE state. Caller retains |
| 102 // ownership of |message|. |resume_callback| will be called when processing is | 109 // ownership of |message|. |resume_callback| will be called when processing is |
| 103 // finished. The implementation must guarantee that |resume_callback| is not | 110 // finished. The implementation must guarantee that |resume_callback| is not |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 135 virtual scoped_ptr<Authenticator> CreateAuthenticator( | 142 virtual scoped_ptr<Authenticator> CreateAuthenticator( |
| 136 const std::string& local_jid, | 143 const std::string& local_jid, |
| 137 const std::string& remote_jid, | 144 const std::string& remote_jid, |
| 138 const buzz::XmlElement* first_message) = 0; | 145 const buzz::XmlElement* first_message) = 0; |
| 139 }; | 146 }; |
| 140 | 147 |
| 141 } // namespace protocol | 148 } // namespace protocol |
| 142 } // namespace remoting | 149 } // namespace remoting |
| 143 | 150 |
| 144 #endif // REMOTING_PROTOCOL_AUTHENTICATOR_H_ | 151 #endif // REMOTING_PROTOCOL_AUTHENTICATOR_H_ |
| OLD | NEW |
