authorrmsousa@chromium.org <rmsousa@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-04-06 04:50:43 +0000
committerrmsousa@chromium.org <rmsousa@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-04-06 04:50:43 +0000
commit4386f0a9e032a669a6e6c311965ff3a9903850b9 (patch)
treed98e16fb9510c3391b780459c7d0f4b864af02d7 /remoting/protocol
parent46ad339269e5805bb499ebb76ce1077ff8c8d5be (diff)
Host-side third party token validation
This creates a TokenValidator implementation on the host, that upon receiving a token: Signs the token with its private key. Uses URLFetcher to request the exchange of the token for a secret from the Token Validation URL. On receiving a reply, checks that the scope in the reply matches the one required for this connection. Uses the callback to send the shared_token back to the authentication layer. (The server will authenticate the host by checking that the token signature matches the host public key that the client included in the token request) BUG=115899 Review URL: https://chromiumcodereview.appspot.com/12313085 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@192701 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'remoting/protocol')
-rw-r--r--remoting/protocol/it2me_host_authenticator_factory.cc4
-rw-r--r--remoting/protocol/me2me_host_authenticator_factory.cc57
-rw-r--r--remoting/protocol/me2me_host_authenticator_factory.h23
-rw-r--r--remoting/protocol/negotiating_authenticator_unittest.cc4
-rw-r--r--remoting/protocol/negotiating_host_authenticator.cc52
-rw-r--r--remoting/protocol/negotiating_host_authenticator.h20
-rw-r--r--remoting/protocol/third_party_host_authenticator.h13
7 files changed, 147 insertions, 26 deletions
diff --git a/remoting/protocol/it2me_host_authenticator_factory.cc b/remoting/protocol/it2me_host_authenticator_factory.cc
index e9f6c09..e5e446a 100644
--- a/remoting/protocol/it2me_host_authenticator_factory.cc
+++ b/remoting/protocol/it2me_host_authenticator_factory.cc
@@ -27,8 +27,8 @@ scoped_ptr<Authenticator> It2MeHostAuthenticatorFactory::CreateAuthenticator(
const std::string& local_jid,
const std::string& remote_jid,
const buzz::XmlElement* first_message) {
- return scoped_ptr<Authenticator>(new NegotiatingHostAuthenticator(
- local_cert_, key_pair_, shared_secret_, AuthenticationMethod::NONE));
+ return NegotiatingHostAuthenticator::CreateWithSharedSecret(
+ local_cert_, key_pair_, shared_secret_, AuthenticationMethod::NONE);
}
} // namespace protocol
diff --git a/remoting/protocol/me2me_host_authenticator_factory.cc b/remoting/protocol/me2me_host_authenticator_factory.cc
index 4ee7b65..5d908e7 100644
--- a/remoting/protocol/me2me_host_authenticator_factory.cc
+++ b/remoting/protocol/me2me_host_authenticator_factory.cc
@@ -58,13 +58,43 @@ class RejectingAuthenticator : public Authenticator {
} // namespace
-Me2MeHostAuthenticatorFactory::Me2MeHostAuthenticatorFactory(
+// static
+scoped_ptr<AuthenticatorFactory>
+Me2MeHostAuthenticatorFactory::CreateWithSharedSecret(
const std::string& local_cert,
scoped_refptr<RsaKeyPair> key_pair,
- const SharedSecretHash& shared_secret_hash)
- : local_cert_(local_cert),
- key_pair_(key_pair),
- shared_secret_hash_(shared_secret_hash) {
+ const SharedSecretHash& shared_secret_hash) {
+ scoped_ptr<Me2MeHostAuthenticatorFactory> result(
+ new Me2MeHostAuthenticatorFactory());
+ result->local_cert_ = local_cert;
+ result->key_pair_ = key_pair;
+ result->shared_secret_hash_ = shared_secret_hash;
+ return scoped_ptr<AuthenticatorFactory>(result.Pass());
+}
+
+
+// static
+scoped_ptr<AuthenticatorFactory>
+Me2MeHostAuthenticatorFactory::CreateWithThirdPartyAuth(
+ const std::string& local_cert,
+ scoped_refptr<RsaKeyPair> key_pair,
+ scoped_ptr<ThirdPartyHostAuthenticator::TokenValidatorFactory>
+ token_validator_factory) {
+ scoped_ptr<Me2MeHostAuthenticatorFactory> result(
+ new Me2MeHostAuthenticatorFactory());
+ result->local_cert_ = local_cert;
+ result->key_pair_ = key_pair;
+ result->token_validator_factory_ = token_validator_factory.Pass();
+ return scoped_ptr<AuthenticatorFactory>(result.Pass());
+}
+
+// static
+scoped_ptr<AuthenticatorFactory>
+ Me2MeHostAuthenticatorFactory::CreateRejecting() {
+ return scoped_ptr<AuthenticatorFactory>(new Me2MeHostAuthenticatorFactory());
+}
+
+Me2MeHostAuthenticatorFactory::Me2MeHostAuthenticatorFactory() {
}
Me2MeHostAuthenticatorFactory::~Me2MeHostAuthenticatorFactory() {
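Review bot: `CreateWithSharedSecret` and `CreateWithThirdPartyAuth` both repeat the same two member assignments (`result->local_cert_ = local_cert; result->key_pair_ = key_pair;`), which is the pattern the sibling file avoids by giving `NegotiatingHostAuthenticator` a private `(local_cert, key_pair)` constructor. A matching private constructor here would keep the two creators to the one line that differs, and `CreateRejecting` could keep using the default constructor. Two smaller style nits in the same hunk: there is a double blank line between the first two creators, and the `CreateRejecting` definition is indented two spaces unlike the other two static definitions; `Me2MeHostAuthenticatorFactory::CreateRejecting() {` should start at column 0 like `Me2MeHostAuthenticatorFactory::CreateWithSharedSecret(`.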
@@ -91,9 +121,20 @@ scoped_ptr<Authenticator> Me2MeHostAuthenticatorFactory::CreateAuthenticator(
return scoped_ptr<Authenticator>(new RejectingAuthenticator());
}
- return scoped_ptr<Authenticator>(new NegotiatingHostAuthenticator(
- local_cert_, key_pair_, shared_secret_hash_.value,
- shared_secret_hash_.hash_function));
+ if (!local_cert_.empty() && key_pair_) {
+ if (token_validator_factory_) {
+ return NegotiatingHostAuthenticator::CreateWithThirdPartyAuth(
+ local_cert_, key_pair_,
+ token_validator_factory_->CreateTokenValidator(
+ local_jid, remote_jid));
+ }
+
+ return NegotiatingHostAuthenticator::CreateWithSharedSecret(
+ local_cert_, key_pair_, shared_secret_hash_.value,
+ shared_secret_hash_.hash_function);
+ }
+
+ return scoped_ptr<Authenticator>(new RejectingAuthenticator());
}
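Review bot: The shared-secret branch is reached by elimination — any factory with a cert and key pair but no `token_validator_factory_` hands out a SPAKE2 authenticator, even if `shared_secret_hash_.value` was never set — so the invariant "no token validator factory means `CreateWithSharedSecret` was used" is only enforced by convention. A comment above the fallback would make that explicit, e.g. `// No token validator factory: this factory was built by CreateWithSharedSecret, so dispense a shared secret authenticator.`; whether an empty hash value should instead fall through to `RejectingAuthenticator` (like the inconsistent-config case already does) depends on what the host config allows, which is not visible here. The earlier checks in `CreateAuthenticator` start before this hunk, so I cannot tell whether they already cover it.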
} // namespace protocol
diff --git a/remoting/protocol/me2me_host_authenticator_factory.h b/remoting/protocol/me2me_host_authenticator_factory.h
index e6375a2..7d0eebe 100644
--- a/remoting/protocol/me2me_host_authenticator_factory.h
+++ b/remoting/protocol/me2me_host_authenticator_factory.h
@@ -13,6 +13,7 @@
#include "base/memory/scoped_ptr.h"
#include "remoting/protocol/authentication_method.h"
#include "remoting/protocol/authenticator.h"
+#include "remoting/protocol/third_party_host_authenticator.h"
namespace remoting {
@@ -22,10 +23,22 @@ namespace protocol {
class Me2MeHostAuthenticatorFactory : public AuthenticatorFactory {
public:
- Me2MeHostAuthenticatorFactory(
+ // Create a factory that dispenses shared secret authenticators.
+ static scoped_ptr<AuthenticatorFactory> CreateWithSharedSecret(
const std::string& local_cert,
scoped_refptr<RsaKeyPair> key_pair,
const SharedSecretHash& shared_secret_hash);
+ // Create a factory that dispenses third party authenticators.
+ static scoped_ptr<AuthenticatorFactory> CreateWithThirdPartyAuth(
+ const std::string& local_cert,
+ scoped_refptr<RsaKeyPair> key_pair,
+ scoped_ptr<ThirdPartyHostAuthenticator::TokenValidatorFactory>
+ token_validator_factory);
+ // Create a factory that dispenses rejecting authenticators (used when the
+ // host config/policy is inconsistent)
+ static scoped_ptr<AuthenticatorFactory> CreateRejecting();
+
+ Me2MeHostAuthenticatorFactory();
virtual ~Me2MeHostAuthenticatorFactory();
// AuthenticatorFactory interface.
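Review bot: The default constructor `Me2MeHostAuthenticatorFactory();` is declared `public:`, so callers can still build a factory directly with empty members, bypassing the three named creators that this change introduces; `CreateRejecting` is a static member and can call a private constructor, so the declaration can move under `private:`. That keeps the only ways to get a factory the ones with a documented meaning (shared secret, third party, rejecting). Also `// host config/policy is inconsistent)` is missing its terminating period. The class body continues past this hunk.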
@@ -35,11 +48,17 @@ class Me2MeHostAuthenticatorFactory : public AuthenticatorFactory {
const buzz::XmlElement* first_message) OVERRIDE;
private:
- std::string local_jid_prefix_;
+ // Used for all host authenticators.
std::string local_cert_;
scoped_refptr<RsaKeyPair> key_pair_;
+
+ // Used only for shared secret host authenticators.
SharedSecretHash shared_secret_hash_;
+ // Used only for third party host authenticators.
+ scoped_ptr<ThirdPartyHostAuthenticator::TokenValidatorFactory>
+ token_validator_factory_;
+
DISALLOW_COPY_AND_ASSIGN(Me2MeHostAuthenticatorFactory);
};
diff --git a/remoting/protocol/negotiating_authenticator_unittest.cc b/remoting/protocol/negotiating_authenticator_unittest.cc
index 1a6e93f..e33b7d6 100644
--- a/remoting/protocol/negotiating_authenticator_unittest.cc
+++ b/remoting/protocol/negotiating_authenticator_unittest.cc
@@ -49,8 +49,8 @@ class NegotiatingAuthenticatorTest : public AuthenticatorTestBase {
bool client_hmac_only) {
std::string host_secret_hash = AuthenticationMethod::ApplyHashFunction(
hash_function, kTestHostId, host_secret);
- host_.reset(new NegotiatingHostAuthenticator(
- host_cert_, key_pair_, host_secret_hash, hash_function));
+ host_ = NegotiatingHostAuthenticator::CreateWithSharedSecret(
+ host_cert_, key_pair_, host_secret_hash, hash_function);
std::vector<AuthenticationMethod> methods;
methods.push_back(AuthenticationMethod::Spake2(
diff --git a/remoting/protocol/negotiating_host_authenticator.cc b/remoting/protocol/negotiating_host_authenticator.cc
index c54b6af..f60a6d2 100644
--- a/remoting/protocol/negotiating_host_authenticator.cc
+++ b/remoting/protocol/negotiating_host_authenticator.cc
@@ -21,15 +21,36 @@ namespace protocol {
NegotiatingHostAuthenticator::NegotiatingHostAuthenticator(
const std::string& local_cert,
- scoped_refptr<RsaKeyPair> key_pair,
- const std::string& shared_secret_hash,
- AuthenticationMethod::HashFunction hash_function)
+ scoped_refptr<RsaKeyPair> key_pair)
: NegotiatingAuthenticatorBase(WAITING_MESSAGE),
local_cert_(local_cert),
- local_key_pair_(key_pair),
- shared_secret_hash_(shared_secret_hash) {
+ local_key_pair_(key_pair) {
+}
- AddMethod(AuthenticationMethod::Spake2(hash_function));
+// static
+scoped_ptr<Authenticator> NegotiatingHostAuthenticator::CreateWithSharedSecret(
+ const std::string& local_cert,
+ scoped_refptr<RsaKeyPair> key_pair,
+ const std::string& shared_secret_hash,
+ AuthenticationMethod::HashFunction hash_function) {
+ scoped_ptr<NegotiatingHostAuthenticator> result(
+ new NegotiatingHostAuthenticator(local_cert, key_pair));
+ result->shared_secret_hash_ = shared_secret_hash;
+ result->AddMethod(AuthenticationMethod::Spake2(hash_function));
+ return scoped_ptr<Authenticator>(result.Pass());
+}
+
+// static
+scoped_ptr<Authenticator>
+NegotiatingHostAuthenticator::CreateWithThirdPartyAuth(
+ const std::string& local_cert,
+ scoped_refptr<RsaKeyPair> key_pair,
+ scoped_ptr<ThirdPartyHostAuthenticator::TokenValidator> token_validator) {
+ scoped_ptr<NegotiatingHostAuthenticator> result(
+ new NegotiatingHostAuthenticator(local_cert, key_pair));
+ result->token_validator_ = token_validator.Pass();
+ result->AddMethod(AuthenticationMethod::ThirdParty());
+ return scoped_ptr<Authenticator>(result.Pass());
}
NegotiatingHostAuthenticator::~NegotiatingHostAuthenticator() {
@@ -55,7 +76,6 @@ void NegotiatingHostAuthenticator::ProcessMessage(
// then select the first known method from the supported-methods attribute.
if (!method.is_valid() ||
std::find(methods_.begin(), methods_.end(), method) == methods_.end()) {
-
method = AuthenticationMethod::Invalid();
std::string supported_methods_attr =
@@ -126,9 +146,21 @@ scoped_ptr<buzz::XmlElement> NegotiatingHostAuthenticator::GetNextMessage() {
void NegotiatingHostAuthenticator::CreateAuthenticator(
Authenticator::State preferred_initial_state,
const base::Closure& resume_callback) {
- current_authenticator_ = V2Authenticator::CreateForHost(
- local_cert_, local_key_pair_, shared_secret_hash_,
- preferred_initial_state);
+ DCHECK(current_method_.is_valid());
+
+ if (current_method_.type() == AuthenticationMethod::THIRD_PARTY) {
+ // |ThirdPartyHostAuthenticator| takes ownership of |token_validator_|.
+ // The authentication method negotiation logic should guarantee that only
+ // one |ThirdPartyHostAuthenticator| will need to be created per session.
+ DCHECK(token_validator_);
+ current_authenticator_.reset(new ThirdPartyHostAuthenticator(
+ local_cert_, local_key_pair_, token_validator_.Pass()));
+ } else {
+ current_authenticator_ = V2Authenticator::CreateForHost(
+ local_cert_, local_key_pair_, shared_secret_hash_,
+ preferred_initial_state);
+ }
+
resume_callback.Run();
}
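Review bot: The third-party branch guards `token_validator_` with `DCHECK` only, but `token_validator_.Pass()` on the next line empties the member, so if `CreateAuthenticator` ever runs a second time with `THIRD_PARTY` selected, a release build constructs `ThirdPartyHostAuthenticator` with a null validator rather than failing. The comment says the negotiation logic "should guarantee" a single creation per session; whether `ProcessMessage` in `NegotiatingAuthenticatorBase` actually prevents re-entry is outside this hunk, so either make the guarantee hard (`CHECK(token_validator_);`) or treat the consumed case as an authentication failure instead of dereferencing. Separately, `preferred_initial_state` is ignored on the third-party path while it is honored on the V2 path; if that is intentional, a one-line comment such as `// ThirdPartyHostAuthenticator always starts in its own initial state.` would stop the next reader from treating it as an oversight.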
diff --git a/remoting/protocol/negotiating_host_authenticator.h b/remoting/protocol/negotiating_host_authenticator.h
index 4ff53f6..588fee2 100644
--- a/remoting/protocol/negotiating_host_authenticator.h
+++ b/remoting/protocol/negotiating_host_authenticator.h
@@ -15,6 +15,7 @@
#include "remoting/protocol/authentication_method.h"
#include "remoting/protocol/authenticator.h"
#include "remoting/protocol/negotiating_authenticator_base.h"
+#include "remoting/protocol/third_party_host_authenticator.h"
namespace remoting {
@@ -26,14 +27,20 @@ namespace protocol {
// See comments in negotiating_authenticator_base.h for a general explanation.
class NegotiatingHostAuthenticator : public NegotiatingAuthenticatorBase {
public:
+ virtual ~NegotiatingHostAuthenticator();
+
// Creates a host authenticator, using a fixed shared secret/PIN hash.
- NegotiatingHostAuthenticator(
+ static scoped_ptr<Authenticator> CreateWithSharedSecret(
const std::string& local_cert,
scoped_refptr<RsaKeyPair> key_pair,
const std::string& shared_secret_hash,
AuthenticationMethod::HashFunction hash_function);
- virtual ~NegotiatingHostAuthenticator();
+ // Creates a host authenticator, using third party authentication.
+ static scoped_ptr<Authenticator> CreateWithThirdPartyAuth(
+ const std::string& local_cert,
+ scoped_refptr<RsaKeyPair> key_pair,
+ scoped_ptr<ThirdPartyHostAuthenticator::TokenValidator> token_validator);
// Overriden from Authenticator.
virtual void ProcessMessage(const buzz::XmlElement* message,
@@ -41,6 +48,10 @@ class NegotiatingHostAuthenticator : public NegotiatingAuthenticatorBase {
virtual scoped_ptr<buzz::XmlElement> GetNextMessage() OVERRIDE;
private:
+ NegotiatingHostAuthenticator(
+ const std::string& local_cert,
+ scoped_refptr<RsaKeyPair> key_pair);
+
// (Asynchronously) creates an authenticator, and stores it in
// |current_authenticator_|. Authenticators that can be started in either
// state will be created in |preferred_initial_state|.
@@ -50,8 +61,13 @@ class NegotiatingHostAuthenticator : public NegotiatingAuthenticatorBase {
std::string local_cert_;
scoped_refptr<RsaKeyPair> local_key_pair_;
+
+ // Used only for shared secret host authenticators.
std::string shared_secret_hash_;
+ // Used only for third party host authenticators.
+ scoped_ptr<ThirdPartyHostAuthenticator::TokenValidator> token_validator_;
+
DISALLOW_COPY_AND_ASSIGN(NegotiatingHostAuthenticator);
};
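Review bot: The comment on `token_validator_` should say that the member is consumed, since `CreateAuthenticator` moves it into the `ThirdPartyHostAuthenticator` with `token_validator_.Pass()` and it is null from then on; `// Used only for third party host authenticators.` describes which mode uses it but not that it is single-use. Suggested wording: `// Used only for third party host authenticators. Ownership is transferred to the ThirdPartyHostAuthenticator when it is created, so this is null afterwards.` The same consumed-once note applies to `token_validator_factory_` in me2me_host_authenticator_factory.h only if that factory is meant to be reused across connections, which I cannot tell from this diff.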
diff --git a/remoting/protocol/third_party_host_authenticator.h b/remoting/protocol/third_party_host_authenticator.h
index b72ac05..60538b2 100644
--- a/remoting/protocol/third_party_host_authenticator.h
+++ b/remoting/protocol/third_party_host_authenticator.h
@@ -54,6 +54,17 @@ class ThirdPartyHostAuthenticator : public ThirdPartyAuthenticatorBase {
virtual const std::string& token_scope() const = 0;
};
+ class TokenValidatorFactory {
+ public:
+ virtual ~TokenValidatorFactory() {}
+
+ // Creates a TokenValidator. |local_jid| and |remote_jid| are used to create
+ // a token scope that is restricted to the current connection's JIDs.
+ virtual scoped_ptr<TokenValidator> CreateTokenValidator(
+ const std::string& local_jid,
+ const std::string& remote_jid) = 0;
+ };
+
// Creates a third-party host authenticator. |local_cert| and |key_pair| are
// used by the underlying V2Authenticator to create the SSL channels.
// |token_validator| contains the token parameters to be sent to the client
@@ -78,6 +89,8 @@ class ThirdPartyHostAuthenticator : public ThirdPartyAuthenticatorBase {
std::string local_cert_;
scoped_refptr<RsaKeyPair> key_pair_;
scoped_ptr<TokenValidator> token_validator_;
+
+ DISALLOW_COPY_AND_ASSIGN(ThirdPartyHostAuthenticator);
};
} // namespace protocol