diff options
author | dharani@chromium.org <dharani@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-05-22 03:16:02 +0000 |
---|---|---|
committer | dharani@chromium.org <dharani@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-05-22 03:16:02 +0000 |
commit | 14e66abe9c27f1e728a749950a78f837ac538c73 (patch) | |
tree | 350f3c5896ecd8512c5ca6753eae92b107eea31c /remoting/jingle_glue | |
parent | c6fd597a6bfb6500312aacb473417abaf7baa831 (diff) | |
download | chromium_src-14e66abe9c27f1e728a749950a78f837ac538c73.zip chromium_src-14e66abe9c27f1e728a749950a78f837ac538c73.tar.gz chromium_src-14e66abe9c27f1e728a749950a78f837ac538c73.tar.bz2 |
This broke M20 build.
Revert 137824 - Properly handle accounts that don't have GMail account.
1. Me2MeHostAuthenticatorFactory now verifies that the bare
JID of the remote client matches bare JID of the host.
Previously it was comparing it with the user's email,
which may be different from JID.
2. GaiaOAuthClient now fetches user's email.
3. SignalingConnector verifies that user's email matches
the expected value stored in xmpp_login. If it doesn't,
then the auth token was generated for a different account
and the host treats it as an authentication error.
BUG=128102
Review URL: https://chromiumcodereview.appspot.com/10332187
TBR=sergeyu@chromium.org
Review URL: https://chromiumcodereview.appspot.com/10388226
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@138204 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'remoting/jingle_glue')
-rw-r--r-- | remoting/jingle_glue/xmpp_signal_strategy.cc | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/remoting/jingle_glue/xmpp_signal_strategy.cc b/remoting/jingle_glue/xmpp_signal_strategy.cc index 5cac0fc..6ae4f1a 100644 --- a/remoting/jingle_glue/xmpp_signal_strategy.cc +++ b/remoting/jingle_glue/xmpp_signal_strategy.cc @@ -167,6 +167,24 @@ void XmppSignalStrategy::OnConnectionStateChanged( DCHECK(CalledOnValidThread()); if (state == buzz::XmppEngine::STATE_OPEN) { + // Verify that the JID that we've received matches the username + // that we have. If it doesn't, then the OAuth token was probably + // issued for a different account, so we treat is a an auth error. + // + // TODO(sergeyu): Some user accounts may not have associated + // e-mail address. The check below will fail for such + // accounts. Make sure we can handle this case proprely. + if (!StartsWithASCII(GetLocalJid(), username_, false)) { + LOG(ERROR) << "Received JID that is different from the expected value."; + error_ = AUTHENTICATION_FAILED; + xmpp_client_->SignalStateChange.disconnect(this); + MessageLoop::current()->PostTask( + FROM_HERE, base::Bind(&DisconnectXmppClient, xmpp_client_)); + xmpp_client_ = NULL; + SetState(DISCONNECTED); + return; + } + keep_alive_timer_.Start( FROM_HERE, base::TimeDelta::FromSeconds(kKeepAliveIntervalSeconds), this, &XmppSignalStrategy::SendKeepAlive); |