| [email protected] | 9a6361d0 | 2013-03-23 16:27:52 | [diff] [blame] | 1 | // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #ifndef REMOTING_PROTOCOL_THIRD_PARTY_HOST_AUTHENTICATOR_H_ |
| 6 | #define REMOTING_PROTOCOL_THIRD_PARTY_HOST_AUTHENTICATOR_H_ |
| 7 | |
| 8 | #include <string> |
| 9 | |
| 10 | #include "base/callback.h" |
| 11 | #include "base/memory/scoped_ptr.h" |
| [email protected] | 9a6361d0 | 2013-03-23 16:27:52 | [diff] [blame] | 12 | #include "remoting/protocol/third_party_authenticator_base.h" |
| [email protected] | 9a6361d0 | 2013-03-23 16:27:52 | [diff] [blame] | 13 | |
| 14 | namespace remoting { |
| 15 | |
| 16 | class RsaKeyPair; |
| 17 | |
| 18 | namespace protocol { |
| 19 | |
| [email protected] | d95ee26 | 2014-02-26 06:30:31 | [diff] [blame] | 20 | class TokenValidator; |
| 21 | |
| [email protected] | 9a6361d0 | 2013-03-23 16:27:52 | [diff] [blame] | 22 | // Implements the host side of the third party authentication mechanism. |
| 23 | // The host authenticator sends the |token_url| and |scope| obtained from the |
| 24 | // |TokenValidator| to the client, and expects a |token| in response. |
| 25 | // Once that token is received, it calls |TokenValidator| asynchronously to |
| 26 | // validate it, and exchange it for a |shared_secret|. Once the |TokenValidator| |
| 27 | // returns, the host uses the |shared_secret| to create an underlying |
| 28 | // |V2Authenticator|, which is used to establish the encrypted connection. |
| 29 | class ThirdPartyHostAuthenticator : public ThirdPartyAuthenticatorBase { |
| 30 | public: |
| [email protected] | 9a6361d0 | 2013-03-23 16:27:52 | [diff] [blame] | 31 | // Creates a third-party host authenticator. |local_cert| and |key_pair| are |
| 32 | // used by the underlying V2Authenticator to create the SSL channels. |
| 33 | // |token_validator| contains the token parameters to be sent to the client |
| 34 | // and is used to obtain the shared secret. |
| 35 | ThirdPartyHostAuthenticator(const std::string& local_cert, |
| 36 | scoped_refptr<RsaKeyPair> key_pair, |
| 37 | scoped_ptr<TokenValidator> token_validator); |
| dcheng | 562aba5 | 2014-10-21 12:30:14 | [diff] [blame] | 38 | ~ThirdPartyHostAuthenticator() override; |
| [email protected] | 9a6361d0 | 2013-03-23 16:27:52 | [diff] [blame] | 39 | |
| 40 | protected: |
| 41 | // ThirdPartyAuthenticator implementation. |
| dcheng | 562aba5 | 2014-10-21 12:30:14 | [diff] [blame] | 42 | void ProcessTokenMessage(const buzz::XmlElement* message, |
| 43 | const base::Closure& resume_callback) override; |
| 44 | void AddTokenElements(buzz::XmlElement* message) override; |
| [email protected] | 9a6361d0 | 2013-03-23 16:27:52 | [diff] [blame] | 45 | |
| 46 | private: |
| 47 | void OnThirdPartyTokenValidated(const buzz::XmlElement* message, |
| 48 | const base::Closure& resume_callback, |
| 49 | const std::string& shared_secret); |
| 50 | |
| 51 | std::string local_cert_; |
| 52 | scoped_refptr<RsaKeyPair> key_pair_; |
| 53 | scoped_ptr<TokenValidator> token_validator_; |
| [email protected] | 4386f0a | 2013-04-06 04:50:43 | [diff] [blame] | 54 | |
| 55 | DISALLOW_COPY_AND_ASSIGN(ThirdPartyHostAuthenticator); |
| [email protected] | 9a6361d0 | 2013-03-23 16:27:52 | [diff] [blame] | 56 | }; |
| 57 | |
| 58 | } // namespace protocol |
| 59 | } // namespace remoting |
| 60 | |
| 61 | #endif // REMOTING_PROTOCOL_THIRD_PARTY_HOST_AUTHENTICATOR_H_ |
