Local Login on Mac, using OS X Security framework

BUG=None TEST=Connect to Mac host, and try correct or incorrect username/password for Local Login. Review URL: http://codereview.chromium.org/6605001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@76739 0039d316-1c4b-4281-b951-d872f2087c98
author: lambroslambrou@chromium.org <lambroslambrou@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2011-03-03 13:54:30 +0000
committer: lambroslambrou@chromium.org <lambroslambrou@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2011-03-03 13:54:30 +0000
commit: d73453228e2ce65824da45c9e6fd423a0bd1a3c7 (patch)
tree: c2ca40f92f653bb0728729237a279f1e0d5cd4f5
parent: 19d69b5d79048a3d69f6a0fbc5863eb74e547a5e (diff)
download: chromium_src-d73453228e2ce65824da45c9e6fd423a0bd1a3c7.zip
chromium_src-d73453228e2ce65824da45c9e6fd423a0bd1a3c7.tar.gz
chromium_src-d73453228e2ce65824da45c9e6fd423a0bd1a3c7.tar.bz2
3 files changed, 91 insertions, 4 deletions
diff --git a/remoting/host/user_authenticator_mac.cc b/remoting/host/user_authenticator_mac.cc
index 956484a..dd44b06 100644
--- a/remoting/host/user_authenticator_mac.cc
+++ b/remoting/host/user_authenticator_mac.cc
@@ -2,13 +2,73 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "remoting/host/user_authenticator_fake.h"
+#include "remoting/host/user_authenticator_mac.h"
+
+#include <Security/Security.h>
+
+#include <string>
+
+#include "base/logging.h"
 
 namespace remoting {
 
+static const char kAuthorizationRightName[] = "system.login.tty";
+
+UserAuthenticatorMac::UserAuthenticatorMac() {
+}
+
+UserAuthenticatorMac::~UserAuthenticatorMac() {
+}
+
+bool UserAuthenticatorMac::Authenticate(const std::string& username,
+                                        const std::string& password) {
+  // The authorization right being requested.  This particular right allows
+  // testing of a username/password, as if the user were logging on to the
+  // system locally.
+  AuthorizationItem right;
+  right.name = kAuthorizationRightName;
+  right.valueLength = 0;
+  right.value = NULL;
+  right.flags = 0;
+  AuthorizationRights rights;
+  rights.count = 1;
+  rights.items = &right;
+  // Passing the username/password as an "environment" parameter causes these
+  // to be submitted to the Security Framework, instead of the interactive
+  // password prompt appearing on the host system.  Valid on OS X 10.4 and
+  // later versions.
+  AuthorizationItem environment_items[2];
+  environment_items[0].name = kAuthorizationEnvironmentUsername;
+  environment_items[0].valueLength = username.size();
+  environment_items[0].value = const_cast<char*>(username.data());
+  environment_items[0].flags = 0;
+  environment_items[1].name = kAuthorizationEnvironmentPassword;
+  environment_items[1].valueLength = password.size();
+  environment_items[1].value = const_cast<char*>(password.data());
+  environment_items[1].flags = 0;
+  AuthorizationEnvironment environment;
+  environment.count = 2;
+  environment.items = environment_items;
+
+  OSStatus status = AuthorizationCreate(&rights, &environment,
+                                        kAuthorizationFlagExtendRights,
+                                        NULL);
+  switch (status) {
+    case errAuthorizationSuccess:
+      return true;
+
+    case errAuthorizationDenied:
+      return false;
+
+    default:
+      LOG(ERROR) << "AuthorizationCreate returned " << status;
+      return false;
+  }
+}
+
 // static
 UserAuthenticator* UserAuthenticator::Create() {
-  return new UserAuthenticatorFake();
+  return new UserAuthenticatorMac();
 }
 
 }  // namespace remoting
diff --git a/remoting/host/user_authenticator_mac.h b/remoting/host/user_authenticator_mac.h
new file mode 100644
index 0000000..bb99ce7
--- /dev/null
+++ b/remoting/host/user_authenticator_mac.h
@@ -0,0 +1,28 @@
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef REMOTING_HOST_USER_AUTHENTICATOR_MAC_H_
+#define REMOTING_HOST_USER_AUTHENTICATOR_MAC_H_
+
+#include <string>
+
+#include "base/basictypes.h"
+#include "remoting/host/user_authenticator.h"
+
+namespace remoting {
+
+class UserAuthenticatorMac : public UserAuthenticator {
+ public:
+  UserAuthenticatorMac();
+  virtual ~UserAuthenticatorMac();
+  virtual bool Authenticate(const std::string& username,
+                            const std::string& password);
+
+ private:
+  DISALLOW_COPY_AND_ASSIGN(UserAuthenticatorMac);
+};
+
+}  // namespace remoting
+
+#endif  // REMOTING_HOST_USER_AUTHENTICATOR_MAC_H_
diff --git a/remoting/remoting.gyp b/remoting/remoting.gyp
index d57af12..447553c 100644
--- a/remoting/remoting.gyp
+++ b/remoting/remoting.gyp
@@ -251,9 +251,8 @@
             'host/capturer_mac.h',
             'host/event_executor_mac.cc',
             'host/event_executor_mac.h',
-            'host/user_authenticator_fake.cc',
-            'host/user_authenticator_fake.h',
             'host/user_authenticator_mac.cc',
+            'host/user_authenticator_mac.h',
           ],
           'link_settings': {
             'libraries': [
author	lambroslambrou@chromium.org <lambroslambrou@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2011-03-03 13:54:30 +0000
committer	lambroslambrou@chromium.org <lambroslambrou@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2011-03-03 13:54:30 +0000
commit	d73453228e2ce65824da45c9e6fd423a0bd1a3c7 (patch)
tree	c2ca40f92f653bb0728729237a279f1e0d5cd4f5
parent	19d69b5d79048a3d69f6a0fbc5863eb74e547a5e (diff)
download	chromium_src-d73453228e2ce65824da45c9e6fd423a0bd1a3c7.zip chromium_src-d73453228e2ce65824da45c9e6fd423a0bd1a3c7.tar.gz chromium_src-d73453228e2ce65824da45c9e6fd423a0bd1a3c7.tar.bz2