OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "remoting/protocol/negotiating_client_authenticator.h" | 5 #include "remoting/protocol/negotiating_client_authenticator.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <sstream> | 8 #include <sstream> |
9 #include <utility> | 9 #include <utility> |
10 | 10 |
11 #include "base/bind.h" | 11 #include "base/bind.h" |
12 #include "base/callback.h" | 12 #include "base/callback.h" |
13 #include "base/logging.h" | 13 #include "base/logging.h" |
14 #include "base/strings/string_split.h" | 14 #include "base/strings/string_split.h" |
15 #include "remoting/protocol/auth_util.h" | 15 #include "remoting/protocol/auth_util.h" |
16 #include "remoting/protocol/channel_authenticator.h" | 16 #include "remoting/protocol/channel_authenticator.h" |
17 #include "remoting/protocol/pairing_client_authenticator.h" | 17 #include "remoting/protocol/pairing_client_authenticator.h" |
18 #include "remoting/protocol/v2_authenticator.h" | 18 #include "remoting/protocol/v2_authenticator.h" |
19 #include "third_party/webrtc/libjingle/xmllite/xmlelement.h" | 19 #include "third_party/webrtc/libjingle/xmllite/xmlelement.h" |
20 | 20 |
21 namespace remoting { | 21 namespace remoting { |
22 namespace protocol { | 22 namespace protocol { |
23 | 23 |
| 24 ClientAuthenticationConfig::ClientAuthenticationConfig() {} |
| 25 ClientAuthenticationConfig::~ClientAuthenticationConfig() {} |
| 26 |
24 NegotiatingClientAuthenticator::NegotiatingClientAuthenticator( | 27 NegotiatingClientAuthenticator::NegotiatingClientAuthenticator( |
25 const std::string& client_pairing_id, | 28 const ClientAuthenticationConfig& config) |
26 const std::string& shared_secret, | |
27 const std::string& authentication_tag, | |
28 const FetchSecretCallback& fetch_secret_callback, | |
29 const FetchThirdPartyTokenCallback& fetch_third_party_token_callback) | |
30 : NegotiatingAuthenticatorBase(MESSAGE_READY), | 29 : NegotiatingAuthenticatorBase(MESSAGE_READY), |
31 client_pairing_id_(client_pairing_id), | 30 config_(config), |
32 shared_secret_(shared_secret), | |
33 authentication_tag_(authentication_tag), | |
34 fetch_secret_callback_(fetch_secret_callback), | |
35 fetch_third_party_token_callback_(fetch_third_party_token_callback), | |
36 weak_factory_(this) { | 31 weak_factory_(this) { |
37 if (!fetch_third_party_token_callback.is_null()) | 32 if (!config_.fetch_third_party_token_callback.is_null()) |
38 AddMethod(Method::THIRD_PARTY); | 33 AddMethod(Method::THIRD_PARTY); |
39 AddMethod(Method::SPAKE2_PAIR); | 34 AddMethod(Method::SPAKE2_PAIR); |
40 AddMethod(Method::SPAKE2_SHARED_SECRET_HMAC); | 35 AddMethod(Method::SPAKE2_SHARED_SECRET_HMAC); |
41 AddMethod(Method::SPAKE2_SHARED_SECRET_PLAIN); | 36 AddMethod(Method::SPAKE2_SHARED_SECRET_PLAIN); |
42 } | 37 } |
43 | 38 |
44 NegotiatingClientAuthenticator::~NegotiatingClientAuthenticator() {} | 39 NegotiatingClientAuthenticator::~NegotiatingClientAuthenticator() {} |
45 | 40 |
46 void NegotiatingClientAuthenticator::ProcessMessage( | 41 void NegotiatingClientAuthenticator::ProcessMessage( |
47 const buzz::XmlElement* message, | 42 const buzz::XmlElement* message, |
(...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
108 return GetNextMessageInternal(); | 103 return GetNextMessageInternal(); |
109 } | 104 } |
110 | 105 |
111 void NegotiatingClientAuthenticator::CreateAuthenticatorForCurrentMethod( | 106 void NegotiatingClientAuthenticator::CreateAuthenticatorForCurrentMethod( |
112 Authenticator::State preferred_initial_state, | 107 Authenticator::State preferred_initial_state, |
113 const base::Closure& resume_callback) { | 108 const base::Closure& resume_callback) { |
114 DCHECK(current_method_ != Method::INVALID); | 109 DCHECK(current_method_ != Method::INVALID); |
115 if (current_method_ == Method::THIRD_PARTY) { | 110 if (current_method_ == Method::THIRD_PARTY) { |
116 current_authenticator_.reset(new ThirdPartyClientAuthenticator( | 111 current_authenticator_.reset(new ThirdPartyClientAuthenticator( |
117 base::Bind(&V2Authenticator::CreateForClient), | 112 base::Bind(&V2Authenticator::CreateForClient), |
118 fetch_third_party_token_callback_)); | 113 config_.fetch_third_party_token_callback)); |
119 resume_callback.Run(); | 114 resume_callback.Run(); |
120 } else { | 115 } else { |
121 DCHECK(current_method_ == Method::SPAKE2_SHARED_SECRET_PLAIN || | 116 DCHECK(current_method_ == Method::SPAKE2_SHARED_SECRET_PLAIN || |
122 current_method_ == Method::SPAKE2_PAIR || | 117 current_method_ == Method::SPAKE2_PAIR || |
123 current_method_ == Method::SPAKE2_SHARED_SECRET_HMAC); | 118 current_method_ == Method::SPAKE2_SHARED_SECRET_HMAC); |
124 bool pairing_supported = (current_method_ == Method::SPAKE2_PAIR); | 119 bool pairing_supported = (current_method_ == Method::SPAKE2_PAIR); |
125 SecretFetchedCallback callback = base::Bind( | 120 SecretFetchedCallback callback = base::Bind( |
126 &NegotiatingClientAuthenticator::CreateV2AuthenticatorWithSecret, | 121 &NegotiatingClientAuthenticator::CreateV2AuthenticatorWithSecret, |
127 weak_factory_.GetWeakPtr(), preferred_initial_state, resume_callback); | 122 weak_factory_.GetWeakPtr(), preferred_initial_state, resume_callback); |
128 fetch_secret_callback_.Run(pairing_supported, callback); | 123 config_.fetch_secret_callback.Run(pairing_supported, callback); |
129 } | 124 } |
130 } | 125 } |
131 | 126 |
132 void NegotiatingClientAuthenticator::CreatePreferredAuthenticator() { | 127 void NegotiatingClientAuthenticator::CreatePreferredAuthenticator() { |
133 if (!client_pairing_id_.empty() && !shared_secret_.empty() && | 128 if (!config_.pairing_client_id.empty() && !config_.pairing_secret.empty() && |
134 std::find(methods_.begin(), methods_.end(), Method::SPAKE2_PAIR) != | 129 std::find(methods_.begin(), methods_.end(), Method::SPAKE2_PAIR) != |
135 methods_.end()) { | 130 methods_.end()) { |
136 // If the client specified a pairing id and shared secret, then create a | 131 // If the client specified a pairing id and shared secret, then create a |
137 // PairingAuthenticator. | 132 // PairingAuthenticator. |
138 current_authenticator_.reset(new PairingClientAuthenticator( | 133 current_authenticator_.reset(new PairingClientAuthenticator( |
139 client_pairing_id_, shared_secret_, | 134 config_.pairing_client_id, config_.pairing_secret, |
140 base::Bind(&V2Authenticator::CreateForClient), fetch_secret_callback_, | 135 base::Bind(&V2Authenticator::CreateForClient), |
141 authentication_tag_)); | 136 config_.fetch_secret_callback, config_.host_id)); |
142 current_method_ = Method::SPAKE2_PAIR; | 137 current_method_ = Method::SPAKE2_PAIR; |
143 } | 138 } |
144 } | 139 } |
145 | 140 |
146 void NegotiatingClientAuthenticator::CreateV2AuthenticatorWithSecret( | 141 void NegotiatingClientAuthenticator::CreateV2AuthenticatorWithSecret( |
147 Authenticator::State initial_state, | 142 Authenticator::State initial_state, |
148 const base::Closure& resume_callback, | 143 const base::Closure& resume_callback, |
149 const std::string& shared_secret) { | 144 const std::string& shared_secret) { |
150 current_authenticator_ = V2Authenticator::CreateForClient( | 145 current_authenticator_ = V2Authenticator::CreateForClient( |
151 (current_method_ == Method::SPAKE2_SHARED_SECRET_PLAIN) | 146 (current_method_ == Method::SPAKE2_SHARED_SECRET_PLAIN) |
152 ? shared_secret | 147 ? shared_secret |
153 : GetSharedSecretHash(authentication_tag_, shared_secret), | 148 : GetSharedSecretHash(config_.host_id, shared_secret), |
154 initial_state); | 149 initial_state); |
155 resume_callback.Run(); | 150 resume_callback.Run(); |
156 } | 151 } |
157 | 152 |
158 } // namespace protocol | 153 } // namespace protocol |
159 } // namespace remoting | 154 } // namespace remoting |
OLD | NEW |