OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "remoting/host/token_validator_base.h" | 5 #include "remoting/host/token_validator_base.h" |
6 | 6 |
7 #include "base/base64.h" | 7 #include "base/base64.h" |
8 #include "base/bind.h" | 8 #include "base/bind.h" |
9 #include "base/callback.h" | 9 #include "base/callback.h" |
10 #include "base/json/json_reader.h" | 10 #include "base/json/json_reader.h" |
(...skipping 104 matching lines...)
115 net::ClientCertStore* client_cert_store; | 115 net::ClientCertStore* client_cert_store; |
116 #if defined(USE_NSS) | 116 #if defined(USE_NSS) |
117 client_cert_store = new net::ClientCertStoreNSS( | 117 client_cert_store = new net::ClientCertStoreNSS( |
118 net::ClientCertStoreNSS::PasswordDelegateFactory()); | 118 net::ClientCertStoreNSS::PasswordDelegateFactory()); |
119 #elif defined(OS_WIN) | 119 #elif defined(OS_WIN) |
120 client_cert_store = new net::ClientCertStoreWin(); | 120 client_cert_store = new net::ClientCertStoreWin(); |
121 #elif defined(OS_MACOSX) | 121 #elif defined(OS_MACOSX) |
122 client_cert_store = new net::ClientCertStoreMac(); | 122 client_cert_store = new net::ClientCertStoreMac(); |
123 #elif defined(USE_OPENSSL) | 123 #elif defined(USE_OPENSSL) |
124 // OpenSSL does not use the ClientCertStore infrastructure. | 124 // OpenSSL does not use the ClientCertStore infrastructure. |
125 client_cert_store = NULL; | 125 client_cert_store = nullptr; |
126 #else | 126 #else |
127 #error Unknown platform. | 127 #error Unknown platform. |
128 #endif | 128 #endif |
129 // The callback is uncancellable, and GetClientCert requires selected_certs | 129 // The callback is uncancellable, and GetClientCert requires selected_certs |
130 // and client_cert_store to stay alive until the callback is called. So we | 130 // and client_cert_store to stay alive until the callback is called. So we |
131 // must give it a WeakPtr for |this|, and ownership of the other parameters. | 131 // must give it a WeakPtr for |this|, and ownership of the other parameters. |
132 net::CertificateList* selected_certs(new net::CertificateList()); | 132 net::CertificateList* selected_certs(new net::CertificateList()); |
133 client_cert_store->GetClientCerts( | 133 client_cert_store->GetClientCerts( |
134 *cert_request_info, selected_certs, | 134 *cert_request_info, selected_certs, |
135 base::Bind(&TokenValidatorBase::OnCertificatesSelected, | 135 base::Bind(&TokenValidatorBase::OnCertificatesSelected, |
136 weak_factory_.GetWeakPtr(), base::Owned(selected_certs), | 136 weak_factory_.GetWeakPtr(), base::Owned(selected_certs), |
137 base::Owned(client_cert_store))); | 137 base::Owned(client_cert_store))); |
138 } | 138 } |
139 | 139 |
140 void TokenValidatorBase::OnCertificatesSelected( | 140 void TokenValidatorBase::OnCertificatesSelected( |
141 net::CertificateList* selected_certs, | 141 net::CertificateList* selected_certs, |
142 net::ClientCertStore* unused) { | 142 net::ClientCertStore* unused) { |
143 const std::string& issuer = | 143 const std::string& issuer = |
144 third_party_auth_config_.token_validation_cert_issuer; | 144 third_party_auth_config_.token_validation_cert_issuer; |
145 if (request_) { | 145 if (request_) { |
146 for (size_t i = 0; i < selected_certs->size(); ++i) { | 146 for (size_t i = 0; i < selected_certs->size(); ++i) { |
147 if (issuer == kCertIssuerWildCard || | 147 if (issuer == kCertIssuerWildCard || |
148 issuer == (*selected_certs)[i]->issuer().common_name) { | 148 issuer == (*selected_certs)[i]->issuer().common_name) { |
149 request_->ContinueWithCertificate((*selected_certs)[i].get()); | 149 request_->ContinueWithCertificate((*selected_certs)[i].get()); |
150 return; | 150 return; |
151 } | 151 } |
152 } | 152 } |
153 request_->ContinueWithCertificate(NULL); | 153 request_->ContinueWithCertificate(nullptr); |
154 } | 154 } |
155 } | 155 } |
156 | 156 |
157 bool TokenValidatorBase::IsValidScope(const std::string& token_scope) { | 157 bool TokenValidatorBase::IsValidScope(const std::string& token_scope) { |
158 // TODO(rmsousa): Deal with reordering/subsets/supersets/aliases/etc. | 158 // TODO(rmsousa): Deal with reordering/subsets/supersets/aliases/etc. |
159 return token_scope == token_scope_; | 159 return token_scope == token_scope_; |
160 } | 160 } |
161 | 161 |
162 std::string TokenValidatorBase::ProcessResponse() { | 162 std::string TokenValidatorBase::ProcessResponse() { |
163 // Verify that we got a successful response. | 163 // Verify that we got a successful response. |
(...skipping 27 matching lines...)
191 return std::string(); | 191 return std::string(); |
192 } | 192 } |
193 | 193 |
194 std::string shared_secret; | 194 std::string shared_secret; |
195 // Everything is valid, so return the shared secret to the caller. | 195 // Everything is valid, so return the shared secret to the caller. |
196 dict->GetStringWithoutPathExpansion("access_token", &shared_secret); | 196 dict->GetStringWithoutPathExpansion("access_token", &shared_secret); |
197 return shared_secret; | 197 return shared_secret; |
198 } | 198 } |
199 | 199 |
200 } // namespace remoting | 200 } // namespace remoting |
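Review bot: On the USE_OPENSSL branch `client_cert_store` is set to `nullptr` (new line 125), yet the unconditional `client_cert_store->GetClientCerts(...)` at new line 133 still dereferences it, so a build that takes that branch would crash as soon as the token endpoint requests a client certificate. A guard placed right after the `#endif`, before `selected_certs` is allocated, would avoid both the null dereference and a leaked list, for example `if (!client_cert_store) { request_->ContinueWithCertificate(nullptr); return; }`, assuming `request_` is live at that point. The start of the enclosing function is in the skipped lines, so confirm that no earlier return already covers the OpenSSL case. The comment on line 124 could also state what the caller should expect there, e.g. `// No ClientCertStore on OpenSSL builds: continue the request without a client certificate.`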