OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "remoting/host/third_party_auth_config.h" | |
6 | |
7 #include "base/logging.h" | |
8 #include "base/values.h" | |
9 #include "policy/policy_constants.h" | |
10 | |
11 namespace remoting { | |
12 | |
13 namespace key = ::policy::key; | |
Sergey Ulanov
2015/02/27 03:05:19
nit: I don't think this is useful give that you re
Łukasz Anforowicz
2015/02/27 18:36:12
Done.
| |
14 | |
15 namespace { | |
16 | |
17 bool ParseSecureUrl(const std::string& str, GURL* out) { | |
Sergey Ulanov
2015/02/27 03:05:19
call it ParseUrlPolicy()? with current name accept
Łukasz Anforowicz
2015/02/27 18:36:12
Done.
| |
18 if (str.empty()) { | |
19 *out = GURL(); | |
20 return true; | |
21 } | |
22 | |
23 GURL gurl(str); | |
24 if (!gurl.is_valid()) { | |
25 LOG(ERROR) << "Not a valid URL: " << str; | |
26 return false; | |
27 } | |
28 if (!gurl.SchemeIsSecure()) { | |
29 LOG(ERROR) << "Not a secure URL: " << str; | |
30 return false; | |
31 } | |
32 | |
33 *out = gurl; | |
34 return true; | |
35 } | |
36 | |
37 } // namespace | |
38 | |
39 bool ThirdPartyAuthConfig::Parse( | |
40 const std::string& token_url, | |
41 const std::string& token_validation_url, | |
42 const std::string& token_validation_cert_issuer, | |
43 ThirdPartyAuthConfig* out) { | |
Sergey Ulanov
2015/02/27 03:05:19
call it |result|
Łukasz Anforowicz
2015/02/27 18:36:12
Done.
| |
44 bool success = true; | |
45 ThirdPartyAuthConfig tmp; | |
46 | |
47 // Extract raw values for the 3 individial fields. | |
48 success &= ParseSecureUrl(token_url, &tmp.token_url); | |
49 success &= ParseSecureUrl(token_validation_url, &tmp.token_validation_url); | |
Sergey Ulanov
2015/02/27 03:05:19
I think the checks below make little sense if you
Łukasz Anforowicz
2015/02/27 18:36:12
Good point. Done.
| |
50 tmp.token_validation_cert_issuer = token_validation_cert_issuer; | |
51 | |
52 // Validate inter-dependencies between the 3 fields. | |
53 if (tmp.token_url.is_empty() ^ tmp.token_validation_url.is_empty()) { | |
54 LOG(ERROR) << "TokenUrl and TokenValidationUrl " | |
55 << "have to be specified together."; | |
56 success = false; | |
Sergey Ulanov
2015/02/27 03:05:19
return false?
Łukasz Anforowicz
2015/02/27 18:36:12
Done. It is indeed cleaner to only have a "local"
| |
57 } | |
58 if (!tmp.token_validation_cert_issuer.empty() && tmp.token_url.is_empty()) { | |
59 LOG(ERROR) << "TokenValidationCertificateIssuer cannot be used " | |
60 << "without TokenUrl and TokenValidationUrl."; | |
61 success = false; | |
Sergey Ulanov
2015/02/27 03:05:19
return false?
Łukasz Anforowicz
2015/02/27 18:36:12
Done.
| |
62 } | |
63 | |
64 if (success) { | |
65 *out = tmp; | |
66 } | |
67 return success; | |
68 } | |
69 | |
70 namespace { | |
71 | |
72 void ExtractHelper(const base::DictionaryValue& policy_dict, | |
73 const std::string& policy_name, | |
74 bool* policy_present, | |
75 std::string* policy_value) { | |
76 if (policy_dict.GetString(policy_name, policy_value)) { | |
77 *policy_present = true; | |
78 } else { | |
79 policy_value->clear(); | |
80 } | |
81 } | |
82 | |
83 } // namespace | |
84 | |
85 bool ThirdPartyAuthConfig::ExtractPolicyValues( | |
86 const base::DictionaryValue& policy_dict, | |
87 std::string* token_url, | |
88 std::string* token_validation_url, | |
89 std::string* token_validation_cert_issuer) { | |
90 bool policies_present = false; | |
91 ExtractHelper(policy_dict, key::kRemoteAccessHostTokenUrl, &policies_present, | |
92 token_url); | |
93 ExtractHelper(policy_dict, key::kRemoteAccessHostTokenValidationUrl, | |
94 &policies_present, token_validation_url); | |
95 ExtractHelper(policy_dict, | |
96 key::kRemoteAccessHostTokenValidationCertificateIssuer, | |
97 &policies_present, token_validation_cert_issuer); | |
98 return policies_present; | |
99 } | |
100 | |
101 std::ostream& operator<<(std::ostream& os, const ThirdPartyAuthConfig& cfg) { | |
102 if (cfg.is_empty()) { | |
103 os << "<no 3rd party auth config specified>"; | |
104 } else { | |
105 os << "TokenUrl = " << cfg.token_url << ", "; | |
106 os << "TokenValidationUrl = " << cfg.token_validation_url << ", "; | |
107 os << "TokenValidationCertificateIssuer = " | |
108 << cfg.token_validation_cert_issuer; | |
109 } | |
110 return os; | |
111 } | |
112 | |
113 } // namespace remoting | |
OLD | NEW |