| OLD | NEW |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "remoting/host/token_validator_base.h" | 5 #include "remoting/host/token_validator_base.h" |
| 6 | 6 |
| 7 #include <vector> | 7 #include <vector> |
| 8 | 8 |
| 9 #include "base/atomic_sequence_num.h" | 9 #include "base/atomic_sequence_num.h" |
| 10 #include "crypto/rsa_private_key.h" | 10 #include "crypto/rsa_private_key.h" |
| 32 | 32 |
| 33 } // namespace | 33 } // namespace |
| 34 | 34 |
| 35 namespace remoting { | 35 namespace remoting { |
| 36 | 36 |
| 37 class TestTokenValidator : TokenValidatorBase { | 37 class TestTokenValidator : TokenValidatorBase { |
| 38 public: | 38 public: |
| 39 explicit TestTokenValidator(const ThirdPartyAuthConfig& config); | 39 explicit TestTokenValidator(const ThirdPartyAuthConfig& config); |
| 40 ~TestTokenValidator() override; | 40 ~TestTokenValidator() override; |
| 41 | 41 |
| 42 void SelectCertificates(net::CertificateList selected_certs); | 42 void SelectCertificates(net::CertificateList* selected_certs); |
| 43 | 43 |
| 44 void ExpectContinueWithCertificate(net::X509Certificate* client_cert); | 44 void ExpectContinueWithCertificate(net::X509Certificate* client_cert); |
| 45 | 45 |
| 46 protected: | 46 protected: |
| 47 void ContinueWithCertificate(net::X509Certificate* client_cert, | 47 void ContinueWithCertificate(net::X509Certificate* client_cert, |
| 48 net::SSLPrivateKey* client_private_key) override; | 48 net::SSLPrivateKey* client_private_key) override; |
| 49 | 49 |
| 50 private: | 50 private: |
| 51 void StartValidateRequest(const std::string& token) override {} | 51 void StartValidateRequest(const std::string& token) override {} |
| 52 | 52 |
| 53 net::X509Certificate* expected_client_cert_ = nullptr; | 53 net::X509Certificate* expected_client_cert_ = nullptr; |
| 54 }; | 54 }; |
| 55 | 55 |
| 56 TestTokenValidator::TestTokenValidator(const ThirdPartyAuthConfig& config) : | 56 TestTokenValidator::TestTokenValidator(const ThirdPartyAuthConfig& config) : |
| 57 TokenValidatorBase(config, "", nullptr) { | 57 TokenValidatorBase(config, "", nullptr) { |
| 58 } | 58 } |
| 59 | 59 |
| 60 TestTokenValidator::~TestTokenValidator() {} | 60 TestTokenValidator::~TestTokenValidator() {} |
| 61 | 61 |
| 62 void TestTokenValidator::SelectCertificates( | 62 void TestTokenValidator::SelectCertificates( |
| 63 net::CertificateList selected_certs) { | 63 net::CertificateList* selected_certs) { |
| 64 OnCertificatesSelected(nullptr, std::move(selected_certs)); | 64 OnCertificatesSelected(selected_certs, nullptr); |
| 65 } | 65 } |
| 66 | 66 |
| 67 void TestTokenValidator::ExpectContinueWithCertificate( | 67 void TestTokenValidator::ExpectContinueWithCertificate( |
| 68 net::X509Certificate* client_cert) { | 68 net::X509Certificate* client_cert) { |
| 69 expected_client_cert_ = client_cert; | 69 expected_client_cert_ = client_cert; |
| 70 } | 70 } |
| 71 | 71 |
| 72 void TestTokenValidator::ContinueWithCertificate( | 72 void TestTokenValidator::ContinueWithCertificate( |
| 73 net::X509Certificate* client_cert, | 73 net::X509Certificate* client_cert, |
| 74 net::SSLPrivateKey* client_private_key) { | 74 net::SSLPrivateKey* client_private_key) { |
| 109 ASSERT_TRUE(cert_start_10min_expire_5min); | 109 ASSERT_TRUE(cert_start_10min_expire_5min); |
| 110 | 110 |
| 111 scoped_refptr<net::X509Certificate> cert_start_5min_expire_10min = | 111 scoped_refptr<net::X509Certificate> cert_start_5min_expire_10min = |
| 112 CreateFakeCert(now - base::TimeDelta::FromMinutes(5), | 112 CreateFakeCert(now - base::TimeDelta::FromMinutes(5), |
| 113 now + base::TimeDelta::FromMinutes(10)); | 113 now + base::TimeDelta::FromMinutes(10)); |
| 114 ASSERT_TRUE(cert_start_5min_expire_10min); | 114 ASSERT_TRUE(cert_start_5min_expire_10min); |
| 115 | 115 |
| 116 // No certificate. | 116 // No certificate. |
| 117 net::CertificateList certificates {}; | 117 net::CertificateList certificates {}; |
| 118 token_validator_->ExpectContinueWithCertificate(nullptr); | 118 token_validator_->ExpectContinueWithCertificate(nullptr); |
| 119 token_validator_->SelectCertificates(std::move(certificates)); | 119 token_validator_->SelectCertificates(&certificates); |
| 120 | 120 |
| 121 // One invalid certificate. | 121 // One invalid certificate. |
| 122 certificates = { cert_expired_5_minutes_ago }; | 122 certificates = { cert_expired_5_minutes_ago }; |
| 123 token_validator_->ExpectContinueWithCertificate(nullptr); | 123 token_validator_->ExpectContinueWithCertificate(nullptr); |
| 124 token_validator_->SelectCertificates(std::move(certificates)); | 124 token_validator_->SelectCertificates(&certificates); |
| 125 | 125 |
| 126 // One valid certificate. | 126 // One valid certificate. |
| 127 certificates = { cert_start_5min_expire_5min }; | 127 certificates = { cert_start_5min_expire_5min }; |
| 128 token_validator_->ExpectContinueWithCertificate( | 128 token_validator_->ExpectContinueWithCertificate( |
| 129 cert_start_5min_expire_5min.get()); | 129 cert_start_5min_expire_5min.get()); |
| 130 token_validator_->SelectCertificates(std::move(certificates)); | 130 token_validator_->SelectCertificates(&certificates); |
| 131 | 131 |
| 132 // One valid one invalid. | 132 // One valid one invalid. |
| 133 certificates = { cert_expired_5_minutes_ago, cert_start_5min_expire_5min }; | 133 certificates = { cert_expired_5_minutes_ago, cert_start_5min_expire_5min }; |
| 134 token_validator_->ExpectContinueWithCertificate( | 134 token_validator_->ExpectContinueWithCertificate( |
| 135 cert_start_5min_expire_5min.get()); | 135 cert_start_5min_expire_5min.get()); |
| 136 token_validator_->SelectCertificates(std::move(certificates)); | 136 token_validator_->SelectCertificates(&certificates); |
| 137 | 137 |
| 138 // Two valid certs. Choose latest created. | 138 // Two valid certs. Choose latest created. |
| 139 certificates = { cert_start_10min_expire_5min, cert_start_5min_expire_5min }; | 139 certificates = { cert_start_10min_expire_5min, cert_start_5min_expire_5min }; |
| 140 token_validator_->ExpectContinueWithCertificate( | 140 token_validator_->ExpectContinueWithCertificate( |
| 141 cert_start_5min_expire_5min.get()); | 141 cert_start_5min_expire_5min.get()); |
| 142 token_validator_->SelectCertificates(std::move(certificates)); | 142 token_validator_->SelectCertificates(&certificates); |
| 143 | 143 |
| 144 // Two valid certs. Choose latest expires. | 144 // Two valid certs. Choose latest expires. |
| 145 certificates = { cert_start_5min_expire_5min, cert_start_5min_expire_10min }; | 145 certificates = { cert_start_5min_expire_5min, cert_start_5min_expire_10min }; |
| 146 token_validator_->ExpectContinueWithCertificate( | 146 token_validator_->ExpectContinueWithCertificate( |
| 147 cert_start_5min_expire_10min.get()); | 147 cert_start_5min_expire_10min.get()); |
| 148 token_validator_->SelectCertificates(std::move(certificates)); | 148 token_validator_->SelectCertificates(&certificates); |
| 149 | 149 |
| 150 // Pick the best given all certificates. | 150 // Pick the best given all certificates. |
| 151 certificates = { cert_expired_5_minutes_ago, cert_start_5min_expire_5min, | 151 certificates = { cert_expired_5_minutes_ago, cert_start_5min_expire_5min, |
| 152 cert_start_5min_expire_10min, cert_start_10min_expire_5min }; | 152 cert_start_5min_expire_10min, cert_start_10min_expire_5min }; |
| 153 token_validator_->ExpectContinueWithCertificate( | 153 token_validator_->ExpectContinueWithCertificate( |
| 154 cert_start_5min_expire_10min.get()); | 154 cert_start_5min_expire_10min.get()); |
| 155 token_validator_->SelectCertificates(std::move(certificates)); | 155 token_validator_->SelectCertificates(&certificates); |
| 156 } | 156 } |
| 157 | 157 |
| 158 } // namespace remoting | 158 } // namespace remoting |
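Review bot: The new `SelectCertificates(net::CertificateList* selected_certs)` (new lines 62-65) forwards a raw pointer unchecked to `OnCertificatesSelected(selected_certs, nullptr)`, and nothing states who owns the list or how long it must stay alive. Every call in the test passes `&certificates`, a stack local, which is safe only if the base class finishes with the list before returning; that cannot be confirmed from this page. Once that is verified, I would add `// |selected_certs| is borrowed, must be non-null, and is only used during this call.` above the declaration on new line 42. I would also put `ASSERT_TRUE(selected_certs);` as the first statement of the helper, so a null list fails the test instead of reaching the certificate-selection code. The test function containing these calls starts before new line 109, outside the visible part of the page.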
| OLD | NEW |