Token-based authentication for chromoting.

BUG=none
TEST=none

Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=49298

Review URL: http://codereview.chromium.org/2749004

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@49326 0039d316-1c4b-4281-b951-d872f2087c98

3 files changed, 50 insertions, 35 deletions

diff --git a/remoting/jingle_glue/jingle_client.cc b/remoting/jingle_glue/jingle_client.cc
index 66867f5..bf6baee 100644
--- a/remoting/jingle_glue/jingle_client.cc
+++ b/remoting/jingle_glue/jingle_client.cc
@@ -7,6 +7,7 @@
 #include "base/logging.h"
 #include "base/waitable_event.h"
 #include "base/message_loop.h"
+#include "chrome/common/net/notifier/communicator/gaia_token_pre_xmpp_auth.h"
 #include "chrome/common/net/notifier/communicator/xmpp_socket_adapter.h"
 #include "remoting/jingle_glue/jingle_thread.h"
 #include "remoting/jingle_glue/relay_port_allocator.h"
@@ -18,6 +19,8 @@
 #include "talk/session/tunnel/securetunnelsessionclient.h"
 #endif
 #include "talk/session/tunnel/tunnelsessionclient.h"
+#include "talk/xmpp/prexmppauth.h"
+#include "talk/xmpp/saslcookiemechanism.h"
 
 namespace remoting {
 
@@ -30,22 +33,20 @@ JingleClient::~JingleClient() {
   DCHECK(state_ == CLOSED);
 }
 
-void JingleClient::Init(const std::string& username,
-                        const std::string& password,
-                        Callback* callback) {
+void JingleClient::Init(
+    const std::string& username, const std::string& auth_token,
+    const std::string& auth_token_service, Callback* callback) {
   DCHECK(username != "");
   DCHECK(callback != NULL);
   DCHECK(thread_ == NULL);  // Init() can be called only once.
 
   callback_ = callback;
 
-  username_ = username;
-  password_ = password;
-
   thread_.reset(new JingleThread());
   thread_->Start();
   thread_->message_loop()->PostTask(
-      FROM_HERE, NewRunnableMethod(this, &JingleClient::DoInitialize));
+      FROM_HERE, NewRunnableMethod(this, &JingleClient::DoInitialize,
+                                   username, auth_token, auth_token_service));
 }
 
 class JingleClient::ConnectRequest {
@@ -108,27 +109,28 @@ void JingleClient::DoClose() {
   UpdateState(CLOSED);
 }
 
-void JingleClient::DoInitialize() {
-  buzz::Jid login_jid(username_);
-  talk_base::InsecureCryptStringImpl password;
-  password.password() = password_;
+void JingleClient::DoInitialize(const std::string& username,
+                                const std::string& auth_token,
+                                const std::string& auth_token_service) {
+  buzz::Jid login_jid(username);
 
-  buzz::XmppClientSettings xcs;
-  xcs.set_user(login_jid.node());
-  xcs.set_host(login_jid.domain());
-  xcs.set_resource("chromoting");
-  xcs.set_use_tls(true);
-  xcs.set_pass(talk_base::CryptString(password));
-  xcs.set_server(talk_base::SocketAddress("talk.google.com", 5222));
+  buzz::XmppClientSettings settings;
+  settings.set_user(login_jid.node());
+  settings.set_host(login_jid.domain());
+  settings.set_resource("chromoting");
+  settings.set_use_tls(true);
+  settings.set_token_service(auth_token_service);
+  settings.set_auth_cookie(auth_token);
+  settings.set_server(talk_base::SocketAddress("talk.google.com", 5222));
 
   client_ = new buzz::XmppClient(thread_->task_pump());
   client_->SignalStateChange.connect(
       this, &JingleClient::OnConnectionStateChanged);
 
   buzz::AsyncSocket* socket =
-      new notifier::XmppSocketAdapter(xcs, false);
+      new notifier::XmppSocketAdapter(settings, false);
 
-  client_->Connect(xcs, "", socket, NULL);
+  client_->Connect(settings, "", socket, CreatePreXmppAuth(settings));
   client_->Start();
 
   network_manager_.reset(new talk_base::NetworkManager());
@@ -224,4 +226,11 @@ void JingleClient::UpdateState(State new_state) {
   }
 }
 
+buzz::PreXmppAuth* JingleClient::CreatePreXmppAuth(
+    const buzz::XmppClientSettings& settings) {
+  buzz::Jid jid(settings.user(), settings.host(), buzz::STR_EMPTY);
+  return new notifier::GaiaTokenPreXmppAuth(jid.Str(), settings.auth_cookie(),
+                                            settings.token_service());
+}
+
 }  // namespace remoting
diff --git a/remoting/jingle_glue/jingle_client.h b/remoting/jingle_glue/jingle_client.h
index 56d97e1..2a68042 100644
--- a/remoting/jingle_glue/jingle_client.h
+++ b/remoting/jingle_glue/jingle_client.h
@@ -16,6 +16,10 @@ namespace talk_base {
 class NetworkManager;
 }  // namespace talk_base
 
+namespace buzz {
+class PreXmppAuth;
+}  // namespace buzz
+
 namespace cricket {
 class BasicPortAllocator;
 class SessionManager;
@@ -63,9 +67,8 @@ class JingleClient : public base::RefCountedThreadSafe<JingleClient>,
   // only once. message_loop() is guaranteed to exist after this method returns,
   // but the connection may not be open yet. |callback| specifies callback
   // object for the client and must not be NULL.
-  // TODO(sergeyu): Replace password with a token.
-  void Init(const std::string& username, const std::string& password,
-            Callback* callback);
+  void Init(const std::string& username, const std::string& auth_token,
+            const std::string& auth_token_service, Callback* callback);
 
   // Creates new JingleChannel connected to the host with the specified jid.
   // The result is returned immediately but the channel fails if the host
@@ -101,7 +104,9 @@ class JingleClient : public base::RefCountedThreadSafe<JingleClient>,
   void OnIncomingTunnel(cricket::TunnelSessionClient* client, buzz::Jid jid,
                         std::string description, cricket::Session* session);
 
-  void DoInitialize();
+  void DoInitialize(const std::string& username,
+                    const std::string& auth_token,
+                    const std::string& auth_token_service);
 
   // Used by Connect().
   void DoConnect(ConnectRequest* request,
@@ -115,13 +120,15 @@ class JingleClient : public base::RefCountedThreadSafe<JingleClient>,
   // the jingle thread.
   void UpdateState(State new_state);
 
+  buzz::PreXmppAuth* CreatePreXmppAuth(
+      const buzz::XmppClientSettings& settings);
+
+
   buzz::XmppClient* client_;
   scoped_ptr<JingleThread> thread_;
   State state_;
   Callback* callback_;
 
-  std::string username_;
-  std::string password_;
   Lock full_jid_lock_;
   std::string full_jid_;
 
diff --git a/remoting/jingle_glue/jingle_test_client.cc b/remoting/jingle_glue/jingle_test_client.cc
index 38677fe..7bf33c0 100644
--- a/remoting/jingle_glue/jingle_test_client.cc
+++ b/remoting/jingle_glue/jingle_test_client.cc
@@ -15,11 +15,13 @@ extern "C" {
 
 #include "base/at_exit.h"
 #include "media/base/data_buffer.h"
+#include "remoting/base/constants.h"
 #include "remoting/jingle_glue/jingle_channel.h"
 #include "remoting/jingle_glue/jingle_client.h"
 
 using remoting::JingleClient;
 using remoting::JingleChannel;
+using remoting::kChromotingTokenServiceName;
 
 void SetConsoleEcho(bool on) {
 #if defined(OS_WIN)
@@ -51,10 +53,10 @@ class JingleTestClient : public JingleChannel::Callback,
  public:
   virtual ~JingleTestClient() {}
 
-  void Run(const std::string& username, const std::string& password,
+  void Run(const std::string& username, const std::string& auth_token,
            const std::string& host_jid) {
     client_ = new JingleClient();
-    client_->Init(username, password, this);
+    client_->Init(username, auth_token, kChromotingTokenServiceName, this);
 
     if (host_jid != "") {
       scoped_refptr<JingleChannel> channel = client_->Connect(host_jid, this);
@@ -144,16 +146,13 @@ int main(int argc, char** argv) {
   std::cout << "JID: ";
   std::cin >> username;
 
-  std::string password;
-  SetConsoleEcho(false);
-  std::cout << "Password: ";
-  std::cin >> password;
-  SetConsoleEcho(true);
-  std::cout << std::endl;
+  std::string auth_token;
+  std::cout << "Auth token: ";
+  std::cin >> auth_token;
 
   JingleTestClient client;
 
-  client.Run(username, password, host_jid);
+  client.Run(username, auth_token, host_jid);
 
   return 0;
 }