OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "remoting/protocol/it2me_host_authenticator_factory.h" | 5 #include "remoting/protocol/it2me_host_authenticator_factory.h" |
6 | 6 |
| 7 #include <memory> |
| 8 #include <string> |
| 9 #include <utility> |
| 10 |
7 #include "base/logging.h" | 11 #include "base/logging.h" |
8 #include "base/memory/ptr_util.h" | 12 #include "base/memory/ptr_util.h" |
9 #include "base/strings/string_util.h" | |
10 #include "remoting/base/rsa_key_pair.h" | 13 #include "remoting/base/rsa_key_pair.h" |
11 #include "remoting/protocol/negotiating_host_authenticator.h" | 14 #include "remoting/protocol/negotiating_host_authenticator.h" |
12 #include "remoting/protocol/rejecting_authenticator.h" | 15 #include "remoting/protocol/validating_authenticator.h" |
13 | 16 |
14 namespace remoting { | 17 namespace remoting { |
15 namespace protocol { | 18 namespace protocol { |
16 | 19 |
17 It2MeHostAuthenticatorFactory::It2MeHostAuthenticatorFactory( | 20 It2MeHostAuthenticatorFactory::It2MeHostAuthenticatorFactory( |
18 const std::string& local_cert, | 21 const std::string& local_cert, |
19 scoped_refptr<RsaKeyPair> key_pair, | 22 scoped_refptr<RsaKeyPair> key_pair, |
20 const std::string& access_code_hash, | 23 const std::string& access_code_hash, |
21 const std::string& required_client_domain) | 24 const ValidatingAuthenticator::ValidationCallback& callback) |
22 : local_cert_(local_cert), | 25 : local_cert_(local_cert), |
23 key_pair_(key_pair), | 26 key_pair_(key_pair), |
24 access_code_hash_(access_code_hash), | 27 access_code_hash_(access_code_hash), |
25 required_client_domain_(required_client_domain) {} | 28 validation_callback_(callback) {} |
26 | 29 |
27 It2MeHostAuthenticatorFactory::~It2MeHostAuthenticatorFactory() {} | 30 It2MeHostAuthenticatorFactory::~It2MeHostAuthenticatorFactory() {} |
28 | 31 |
29 std::unique_ptr<Authenticator> | 32 std::unique_ptr<Authenticator> |
30 It2MeHostAuthenticatorFactory::CreateAuthenticator( | 33 It2MeHostAuthenticatorFactory::CreateAuthenticator( |
31 const std::string& local_jid, | 34 const std::string& local_jid, |
32 const std::string& remote_jid) { | 35 const std::string& remote_jid) { |
33 // Check the client domain policy. | 36 std::unique_ptr<Authenticator> authenticator( |
34 if (!required_client_domain_.empty()) { | 37 NegotiatingHostAuthenticator::CreateWithSharedSecret( |
35 std::string client_username = remote_jid; | 38 local_jid, remote_jid, local_cert_, key_pair_, access_code_hash_, |
36 size_t pos = client_username.find('/'); | 39 nullptr)); |
37 if (pos != std::string::npos) { | |
38 client_username.replace(pos, std::string::npos, ""); | |
39 } | |
40 if (!base::EndsWith(client_username, | |
41 std::string("@") + required_client_domain_, | |
42 base::CompareCase::INSENSITIVE_ASCII)) { | |
43 LOG(ERROR) << "Rejecting incoming connection from " << remote_jid | |
44 << ": Domain mismatch."; | |
45 return base::WrapUnique( | |
46 new RejectingAuthenticator(Authenticator::INVALID_ACCOUNT)); | |
47 } | |
48 } | |
49 | 40 |
50 return NegotiatingHostAuthenticator::CreateWithSharedSecret( | 41 return base::MakeUnique<ValidatingAuthenticator>( |
51 local_jid, remote_jid, local_cert_, key_pair_, access_code_hash_, | 42 remote_jid, validation_callback_, std::move(authenticator)); |
52 nullptr); | |
53 } | 43 } |
54 | 44 |
55 } // namespace protocol | 45 } // namespace protocol |
56 } // namespace remoting | 46 } // namespace remoting |
OLD | NEW |