Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(18)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: remoting/host/token_validator_base.cc

Issue 2652353002: Adding logging for third party certifcate tokens (Closed)
Patch Set: Adding more information to identify which cert was used. Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "remoting/host/token_validator_base.h" 5 #include "remoting/host/token_validator_base.h"
6 6
7 #include <stddef.h> 7 #include <stddef.h>
8 8
9 #include "base/base64.h" 9 #include "base/base64.h"
10 #include "base/bind.h" 10 #include "base/bind.h"
(...skipping 18 matching lines...) Expand all
29 #elif defined(OS_MACOSX) 29 #elif defined(OS_MACOSX)
30 #include "net/ssl/client_cert_store_mac.h" 30 #include "net/ssl/client_cert_store_mac.h"
31 #endif 31 #endif
32 #include "net/ssl/ssl_cert_request_info.h" 32 #include "net/ssl/ssl_cert_request_info.h"
33 #include "net/ssl/ssl_platform_key.h" 33 #include "net/ssl/ssl_platform_key.h"
34 #include "net/ssl/ssl_private_key.h" 34 #include "net/ssl/ssl_private_key.h"
35 #include "net/url_request/redirect_info.h" 35 #include "net/url_request/redirect_info.h"
36 #include "net/url_request/url_request.h" 36 #include "net/url_request/url_request.h"
37 #include "net/url_request/url_request_context.h" 37 #include "net/url_request/url_request_context.h"
38 #include "net/url_request/url_request_status.h" 38 #include "net/url_request/url_request_status.h"
39 #include "remoting/base/logging.h"
39 #include "url/gurl.h" 40 #include "url/gurl.h"
40 41
41 namespace { 42 namespace {
42 43
43 const int kBufferSize = 4096; 44 const int kBufferSize = 4096;
44 const char kCertIssuerWildCard[] = "*"; 45 const char kCertIssuerWildCard[] = "*";
45 46
46 // The certificate is valid if: 47 // The certificate is valid if:
47 // * The certificate issuer matches exactly |issuer| or the |issuer| is a 48 // * The certificate issuer matches exactly |issuer| or the |issuer| is a
48 // wildcard. And 49 // wildcard. And
(...skipping 180 matching lines...) Expand 10 before | Expand all | Expand 10 after
229 ContinueWithCertificate( 230 ContinueWithCertificate(
230 best_match_position->get(), 231 best_match_position->get(),
231 net::FetchClientCertPrivateKey(best_match_position->get()).get()); 232 net::FetchClientCertPrivateKey(best_match_position->get()).get());
232 } 233 }
233 } 234 }
234 235
235 void TokenValidatorBase::ContinueWithCertificate( 236 void TokenValidatorBase::ContinueWithCertificate(
236 net::X509Certificate* client_cert, 237 net::X509Certificate* client_cert,
237 net::SSLPrivateKey* client_private_key) { 238 net::SSLPrivateKey* client_private_key) {
238 if (request_) { 239 if (request_) {
240 if (client_cert) {
241 HOST_LOG << "Using certificate issued by: '"
242 << client_cert->issuer().common_name << "' with start date: '"
243 << client_cert->valid_start() << "' and expiry date: '"
244 << client_cert->valid_expiry() << "'";
245 }
246
239 request_->ContinueWithCertificate(client_cert, client_private_key); 247 request_->ContinueWithCertificate(client_cert, client_private_key);
240 } 248 }
241 } 249 }
242 250
243 bool TokenValidatorBase::IsValidScope(const std::string& token_scope) { 251 bool TokenValidatorBase::IsValidScope(const std::string& token_scope) {
244 // TODO(rmsousa): Deal with reordering/subsets/supersets/aliases/etc. 252 // TODO(rmsousa): Deal with reordering/subsets/supersets/aliases/etc.
245 return token_scope == token_scope_; 253 return token_scope == token_scope_;
246 } 254 }
247 255
248 std::string TokenValidatorBase::ProcessResponse(int net_result) { 256 std::string TokenValidatorBase::ProcessResponse(int net_result) {
(...skipping 26 matching lines...) Expand all
275 return std::string(); 283 return std::string();
276 } 284 }
277 285
278 std::string shared_secret; 286 std::string shared_secret;
279 // Everything is valid, so return the shared secret to the caller. 287 // Everything is valid, so return the shared secret to the caller.
280 dict->GetStringWithoutPathExpansion("access_token", &shared_secret); 288 dict->GetStringWithoutPathExpansion("access_token", &shared_secret);
281 return shared_secret; 289 return shared_secret;
282 } 290 }
283 291
284 } // namespace remoting 292 } // namespace remoting
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698