Implement of privet/v3/auth after pairing.

chrome/browser/local_discovery/privetv3_session.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/local_discovery/privetv3_session.h"
 
 #include "base/base64.h"
 #include "base/json/json_writer.h"
 #include "base/logging.h"
 #include "base/message_loop/message_loop.h"
 #include "chrome/browser/local_discovery/privet_constants.h"
 #include "chrome/browser/local_discovery/privet_http.h"
 #include "chrome/browser/local_discovery/privet_url_fetcher.h"
 #include "chrome/common/cloud_print/cloud_print_constants.h"
 #include "crypto/hmac.h"
 #include "crypto/p224_spake.h"
 #include "url/gurl.h"
 
 namespace local_discovery {
 
 namespace {
 
 const char kPrivetV3AuthAnonymous[] = "Privet anonymous";
 const char kPrivetV3CryptoP224Spake2[] = "p224_spake2";
+const char kPrivetV3Auto[] = "auto";
 
 const char kPrivetV3InfoKeyAuth[] = "authentication";
 const char kPrivetV3InfoKeyVersion[] = "version";
 const char kPrivetV3InfoVersion[] = "3.0";
 
+const char kPrivetV3KeyAccessToken[] = "accessToken";
+const char kPrivetV3KeyAuthCode[] = "authCode";
 const char kPrivetV3KeyCertFingerprint[] = "certFingerprint";
 const char kPrivetV3KeyCertSignature[] = "certSignature";
 const char kPrivetV3KeyClientCommitment[] = "clientCommitment";
 const char kPrivetV3KeyCrypto[] = "crypto";
 const char kPrivetV3KeyDeviceCommitment[] = "deviceCommitment";
 const char kPrivetV3KeyMode[] = "mode";
 const char kPrivetV3KeyPairing[] = "pairing";
+const char kPrivetV3KeyRequestedScope[] = "requestedScope";
+const char kPrivetV3KeyScope[] = "scope";
 const char kPrivetV3KeySessionId[] = "sessionId";
+const char kPrivetV3KeyTokenType[] = "tokenType";
 
+const char kPrivetV3PairingStartPath[] = "/privet/v3/pairing/start";
 const char kPrivetV3PairingConfirmPath[] = "/privet/v3/pairing/confirm";
-const char kPrivetV3PairingStartPath[] = "/privet/v3/pairing/start";
+const char kPrivetV3AuthPath[] = "/privet/v3/auth";
 
 const char kUrlPlaceHolder[] = "http://host/";
 
 GURL CreatePrivetURL(const std::string& path) {
   GURL url(kUrlPlaceHolder);
   GURL::Replacements replacements;
   replacements.SetPathStr(path);
   return url.ReplaceComponents(replacements);
 }
 
@@ skipping 287 matching lines @@
 
   crypto::HMAC hmac(crypto::HMAC::SHA256);
   // Key will be verified below, using HMAC.
   const std::string& key = spake_->GetUnverifiedKey();
   if (!hmac.Init(reinterpret_cast<const unsigned char*>(key.c_str()),
                  key.size()) ||
       !hmac.Verify(fingerprint, signature)) {
     return callback.Run(Result::STATUS_SESSIONERROR);
   }
 
+  std::string auth_code(hmac.DigestLength(), ' ');
+  if (!hmac.Sign(session_id_,
+                 reinterpret_cast<unsigned char*>(string_as_array(&auth_code)),
+                 auth_code.size())) {
+    NOTREACHED();
+    return callback.Run(Result::STATUS_SESSIONERROR);
+  }
+  // From now this is expected certificate.
+  fingerprint_ = fingerprint;
+
+  std::string auth_code_base64;
+  base::Base64Encode(auth_code, &auth_code_base64);
+
+  base::DictionaryValue input;
+  input.SetString(kPrivetV3KeyAuthCode, auth_code_base64);
+  input.SetString(kPrivetV3KeyMode, kPrivetV3KeyPairing);
+  input.SetString(kPrivetV3KeyRequestedScope, kPrivetV3Auto);
+
+  // Now we can use SendMessage with certificate validateion.
+  SendMessage(kPrivetV3AuthPath, input,
+              base::Bind(&PrivetV3Session::OnAuthenticateDone,
+                         weak_ptr_factory_.GetWeakPtr(), callback));
+}
+
+void PrivetV3Session::OnAuthenticateDone(
+    const ResultCallback& callback,
+    Result result,
+    const base::DictionaryValue& response) {
+  if (result != Result::STATUS_SUCCESS)
+    return callback.Run(result);
+
+  std::string access_token;
+  std::string token_type;
+  std::string scope;
+  if (!response.GetString(kPrivetV3KeyAccessToken, &access_token) ||
+      !response.GetString(kPrivetV3KeyTokenType, &token_type) ||
+      !response.GetString(kPrivetV3KeyScope, &scope)) {
+    return callback.Run(Result::STATUS_SESSIONERROR);
+  }
+
+  privet_auth_token_ = token_type + " " + access_token;
+
   return callback.Run(Result::STATUS_SUCCESS);
 }
 
 void PrivetV3Session::SendMessage(const std::string& api,
                                   const base::DictionaryValue& input,
                                   const MessageCallback& callback) {
   // TODO(vitalybuka): Implement validating HTTPS certificate using
   // fingerprint_.
   if (fingerprint_.empty())
     return callback.Run(Result::STATUS_SESSIONERROR, base::DictionaryValue());
@@ skipping 31 matching lines @@
   fetchers_.push_back(new FetcherDelegate(weak_ptr_factory_.GetWeakPtr(),
                                           privet_auth_token_, callback));
   return fetchers_.back()->CreateURLFetcher(CreatePrivetURL(api), request_type);
 }
 
 void PrivetV3Session::DeleteFetcher(const FetcherDelegate* fetcher) {
   fetchers_.erase(std::find(fetchers_.begin(), fetchers_.end(), fetcher));
 }
 
 }  // namespace local_discovery