| OLD | NEW |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "remoting/host/token_validator_base.h" | 5 #include "remoting/host/token_validator_base.h" |
| 6 | 6 |
| 7 #include <vector> | 7 #include <vector> |
| 8 | 8 |
| 9 #include "base/atomic_sequence_num.h" | 9 #include "base/atomic_sequence_num.h" |
| 10 #include "crypto/rsa_private_key.h" | 10 #include "crypto/rsa_private_key.h" |
| 11 #include "net/cert/x509_util.h" | 11 #include "net/cert/x509_util.h" |
| 12 #include "net/ssl/client_cert_identity_test_util.h" |
| 12 #include "testing/gtest/include/gtest/gtest.h" | 13 #include "testing/gtest/include/gtest/gtest.h" |
| 13 | 14 |
| 14 namespace { | 15 namespace { |
| 15 | 16 |
| 16 const char kTokenUrl[] = "https://example.com/token"; | 17 const char kTokenUrl[] = "https://example.com/token"; |
| 17 const char kTokenValidationUrl[] = "https://example.com/validate"; | 18 const char kTokenValidationUrl[] = "https://example.com/validate"; |
| 18 const char kTokenValidationCertIssuer[] = "*"; | 19 const char kTokenValidationCertIssuer[] = "*"; |
| 19 | 20 |
| 20 base::StaticAtomicSequenceNumber g_serial_number; | 21 base::StaticAtomicSequenceNumber g_serial_number; |
| 21 | 22 |
| (...skipping 15 matching lines...) |
| 37 class TestTokenValidator : TokenValidatorBase { | 38 class TestTokenValidator : TokenValidatorBase { |
| 38 public: | 39 public: |
| 39 explicit TestTokenValidator(const ThirdPartyAuthConfig& config); | 40 explicit TestTokenValidator(const ThirdPartyAuthConfig& config); |
| 40 ~TestTokenValidator() override; | 41 ~TestTokenValidator() override; |
| 41 | 42 |
| 42 void SelectCertificates(net::CertificateList selected_certs); | 43 void SelectCertificates(net::CertificateList selected_certs); |
| 43 | 44 |
| 44 void ExpectContinueWithCertificate(net::X509Certificate* client_cert); | 45 void ExpectContinueWithCertificate(net::X509Certificate* client_cert); |
| 45 | 46 |
| 46 protected: | 47 protected: |
| 47 void ContinueWithCertificate(net::X509Certificate* client_cert, | 48 void ContinueWithCertificate( |
| 48 net::SSLPrivateKey* client_private_key) override; | 49 scoped_refptr<net::X509Certificate> client_cert, |
| 50 scoped_refptr<net::SSLPrivateKey> client_private_key) override; |
| 49 | 51 |
| 50 private: | 52 private: |
| 51 void StartValidateRequest(const std::string& token) override {} | 53 void StartValidateRequest(const std::string& token) override {} |
| 52 | 54 |
| 53 net::X509Certificate* expected_client_cert_ = nullptr; | 55 net::X509Certificate* expected_client_cert_ = nullptr; |
| 54 }; | 56 }; |
| 55 | 57 |
| 56 TestTokenValidator::TestTokenValidator(const ThirdPartyAuthConfig& config) : | 58 TestTokenValidator::TestTokenValidator(const ThirdPartyAuthConfig& config) : |
| 57 TokenValidatorBase(config, "", nullptr) { | 59 TokenValidatorBase(config, "", nullptr) { |
| 58 } | 60 } |
| 59 | 61 |
| 60 TestTokenValidator::~TestTokenValidator() {} | 62 TestTokenValidator::~TestTokenValidator() {} |
| 61 | 63 |
| 62 void TestTokenValidator::SelectCertificates( | 64 void TestTokenValidator::SelectCertificates( |
| 63 net::CertificateList selected_certs) { | 65 net::CertificateList selected_certs) { |
| 64 OnCertificatesSelected(nullptr, std::move(selected_certs)); | 66 OnCertificatesSelected( |
| 67 nullptr, |
| 68 net::FakeClientCertIdentityListFromCertificateList(selected_certs)); |
| 65 } | 69 } |
| 66 | 70 |
| 67 void TestTokenValidator::ExpectContinueWithCertificate( | 71 void TestTokenValidator::ExpectContinueWithCertificate( |
| 68 net::X509Certificate* client_cert) { | 72 net::X509Certificate* client_cert) { |
| 69 expected_client_cert_ = client_cert; | 73 expected_client_cert_ = client_cert; |
| 70 } | 74 } |
| 71 | 75 |
| 72 void TestTokenValidator::ContinueWithCertificate( | 76 void TestTokenValidator::ContinueWithCertificate( |
| 73 net::X509Certificate* client_cert, | 77 scoped_refptr<net::X509Certificate> client_cert, |
| 74 net::SSLPrivateKey* client_private_key) { | 78 scoped_refptr<net::SSLPrivateKey> client_private_key) { |
| 75 EXPECT_EQ(expected_client_cert_, client_cert); | 79 // XXX test private key |
| 80 EXPECT_EQ(expected_client_cert_, client_cert.get()); |
| 76 } | 81 } |
| 77 | 82 |
| 78 class TokenValidatorBaseTest : public testing::Test { | 83 class TokenValidatorBaseTest : public testing::Test { |
| 79 public: | 84 public: |
| 80 void SetUp() override; | 85 void SetUp() override; |
| 81 protected: | 86 protected: |
| 82 std::unique_ptr<TestTokenValidator> token_validator_; | 87 std::unique_ptr<TestTokenValidator> token_validator_; |
| 83 }; | 88 }; |
| 84 | 89 |
| 85 void TokenValidatorBaseTest::SetUp() { | 90 void TokenValidatorBaseTest::SetUp() { |
| (...skipping 63 matching lines...) |
| 149 | 154 |
| 150 // Pick the best given all certificates. | 155 // Pick the best given all certificates. |
| 151 certificates = { cert_expired_5_minutes_ago, cert_start_5min_expire_5min, | 156 certificates = { cert_expired_5_minutes_ago, cert_start_5min_expire_5min, |
| 152 cert_start_5min_expire_10min, cert_start_10min_expire_5min }; | 157 cert_start_5min_expire_10min, cert_start_10min_expire_5min }; |
| 153 token_validator_->ExpectContinueWithCertificate( | 158 token_validator_->ExpectContinueWithCertificate( |
| 154 cert_start_5min_expire_10min.get()); | 159 cert_start_5min_expire_10min.get()); |
| 155 token_validator_->SelectCertificates(std::move(certificates)); | 160 token_validator_->SelectCertificates(std::move(certificates)); |
| 156 } | 161 } |
| 157 | 162 |
| 158 } // namespace remoting | 163 } // namespace remoting |
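Review bot: The `// XXX test private key` placeholder in the new `TestTokenValidator::ContinueWithCertificate` (new lines 79-80) leaves `client_private_key` unchecked, so the test still passes if the validator forwards a null key or one that does not belong to the selected certificate. Since the key is what authenticates the token-validation request, I would record an expected key next to `expected_client_cert_` and add `EXPECT_EQ(expected_private_key_, client_private_key.get());`. If the identities built by `net::FakeClientCertIdentityListFromCertificateList` carry no key, the fixture needs identities constructed with one for that check to mean anything. Separately, nothing visible here records that `ContinueWithCertificate` was called at all, so the expectation may pass vacuously; a flag set in the override and asserted after `SelectCertificates` would close that gap (the test bodies are mostly in the skipped lines, so confirm there).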
| OLD | NEW |