diff options
author | sergeyu <sergeyu@chromium.org> | 2016-03-11 15:17:38 -0800 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2016-03-11 23:18:57 +0000 |
commit | 279bf7c76a3e0bfbbd28748d0d02fcead88f4436 (patch) | |
tree | 90bc84a17c2dabe9c107aa797c18a4daaf956629 /remoting/protocol | |
parent | 3bb5509ec38c488f920abcab47d30154cdebe58c (diff) | |
download | chromium_src-279bf7c76a3e0bfbbd28748d0d02fcead88f4436.zip chromium_src-279bf7c76a3e0bfbbd28748d0d02fcead88f4436.tar.gz chromium_src-279bf7c76a3e0bfbbd28748d0d02fcead88f4436.tar.bz2 |
Move NegotiatingClientAuthentication creation to ChromotingClient.
For the new SPAKE2 authenticator we need to pass client_jid
to the authenticator. This wasn't possible previously because
NegotiatingClientAuthenticator was created before signaling is
connected. Moved NegotiatingClientAuthentication creation to
ChromotingClient.
BUG=589698
Review URL: https://codereview.chromium.org/1778023002
Cr-Commit-Position: refs/heads/master@{#380779}
Diffstat (limited to 'remoting/protocol')
-rw-r--r-- | remoting/protocol/negotiating_authenticator_unittest.cc | 15 | ||||
-rw-r--r-- | remoting/protocol/negotiating_client_authenticator.cc | 31 | ||||
-rw-r--r-- | remoting/protocol/negotiating_client_authenticator.h | 41 |
3 files changed, 43 insertions, 44 deletions
diff --git a/remoting/protocol/negotiating_authenticator_unittest.cc b/remoting/protocol/negotiating_authenticator_unittest.cc index 0161e65..534eecc 100644 --- a/remoting/protocol/negotiating_authenticator_unittest.cc +++ b/remoting/protocol/negotiating_authenticator_unittest.cc @@ -65,14 +65,17 @@ class NegotiatingAuthenticatorTest : public AuthenticatorTestBase { host_cert_, key_pair_, host_secret_hash, pairing_registry_); } + + protocol::ClientAuthenticationConfig client_auth_config; + client_auth_config.host_id = kTestHostId; + client_auth_config.pairing_client_id = client_id; + client_auth_config.pairing_secret= client_paired_secret; bool pairing_expected = pairing_registry_.get() != nullptr; - FetchSecretCallback fetch_secret_callback = + client_auth_config.fetch_secret_callback = base::Bind(&NegotiatingAuthenticatorTest::FetchSecret, - client_interactive_pin, - pairing_expected); - client_as_negotiating_authenticator_ = new NegotiatingClientAuthenticator( - client_id, client_paired_secret, kTestHostId, fetch_secret_callback, - FetchThirdPartyTokenCallback()); + client_interactive_pin, pairing_expected); + client_as_negotiating_authenticator_ = + new NegotiatingClientAuthenticator(client_auth_config); client_.reset(client_as_negotiating_authenticator_); } diff --git a/remoting/protocol/negotiating_client_authenticator.cc b/remoting/protocol/negotiating_client_authenticator.cc index c6cda5d..11dd49a 100644 --- a/remoting/protocol/negotiating_client_authenticator.cc +++ b/remoting/protocol/negotiating_client_authenticator.cc @@ -21,20 +21,15 @@ namespace remoting { namespace protocol { +ClientAuthenticationConfig::ClientAuthenticationConfig() {} +ClientAuthenticationConfig::~ClientAuthenticationConfig() {} + NegotiatingClientAuthenticator::NegotiatingClientAuthenticator( - const std::string& client_pairing_id, - const std::string& shared_secret, - const std::string& authentication_tag, - const FetchSecretCallback& fetch_secret_callback, - const FetchThirdPartyTokenCallback& fetch_third_party_token_callback) + const ClientAuthenticationConfig& config) : NegotiatingAuthenticatorBase(MESSAGE_READY), - client_pairing_id_(client_pairing_id), - shared_secret_(shared_secret), - authentication_tag_(authentication_tag), - fetch_secret_callback_(fetch_secret_callback), - fetch_third_party_token_callback_(fetch_third_party_token_callback), + config_(config), weak_factory_(this) { - if (!fetch_third_party_token_callback.is_null()) + if (!config_.fetch_third_party_token_callback.is_null()) AddMethod(Method::THIRD_PARTY); AddMethod(Method::SPAKE2_PAIR); AddMethod(Method::SPAKE2_SHARED_SECRET_HMAC); @@ -115,7 +110,7 @@ void NegotiatingClientAuthenticator::CreateAuthenticatorForCurrentMethod( if (current_method_ == Method::THIRD_PARTY) { current_authenticator_.reset(new ThirdPartyClientAuthenticator( base::Bind(&V2Authenticator::CreateForClient), - fetch_third_party_token_callback_)); + config_.fetch_third_party_token_callback)); resume_callback.Run(); } else { DCHECK(current_method_ == Method::SPAKE2_SHARED_SECRET_PLAIN || @@ -125,20 +120,20 @@ void NegotiatingClientAuthenticator::CreateAuthenticatorForCurrentMethod( SecretFetchedCallback callback = base::Bind( &NegotiatingClientAuthenticator::CreateV2AuthenticatorWithSecret, weak_factory_.GetWeakPtr(), preferred_initial_state, resume_callback); - fetch_secret_callback_.Run(pairing_supported, callback); + config_.fetch_secret_callback.Run(pairing_supported, callback); } } void NegotiatingClientAuthenticator::CreatePreferredAuthenticator() { - if (!client_pairing_id_.empty() && !shared_secret_.empty() && + if (!config_.pairing_client_id.empty() && !config_.pairing_secret.empty() && std::find(methods_.begin(), methods_.end(), Method::SPAKE2_PAIR) != methods_.end()) { // If the client specified a pairing id and shared secret, then create a // PairingAuthenticator. current_authenticator_.reset(new PairingClientAuthenticator( - client_pairing_id_, shared_secret_, - base::Bind(&V2Authenticator::CreateForClient), fetch_secret_callback_, - authentication_tag_)); + config_.pairing_client_id, config_.pairing_secret, + base::Bind(&V2Authenticator::CreateForClient), + config_.fetch_secret_callback, config_.host_id)); current_method_ = Method::SPAKE2_PAIR; } } @@ -150,7 +145,7 @@ void NegotiatingClientAuthenticator::CreateV2AuthenticatorWithSecret( current_authenticator_ = V2Authenticator::CreateForClient( (current_method_ == Method::SPAKE2_SHARED_SECRET_PLAIN) ? shared_secret - : GetSharedSecretHash(authentication_tag_, shared_secret), + : GetSharedSecretHash(config_.host_id, shared_secret), initial_state); resume_callback.Run(); } diff --git a/remoting/protocol/negotiating_client_authenticator.h b/remoting/protocol/negotiating_client_authenticator.h index abdb58c..0867d10 100644 --- a/remoting/protocol/negotiating_client_authenticator.h +++ b/remoting/protocol/negotiating_client_authenticator.h @@ -18,18 +18,30 @@ namespace remoting { namespace protocol { +struct ClientAuthenticationConfig { + ClientAuthenticationConfig(); + ~ClientAuthenticationConfig(); + + // Used for all authenticators. + std::string host_id; + + // Used for pairing authenticators + std::string pairing_client_id; + std::string pairing_secret; + + // Used for shared secret authenticators. + FetchSecretCallback fetch_secret_callback; + + // Used for third party authenticators. + FetchThirdPartyTokenCallback fetch_third_party_token_callback; +}; + // Client-side implementation of NegotiatingAuthenticatorBase. // See comments in negotiating_authenticator_base.h for a general explanation. class NegotiatingClientAuthenticator : public NegotiatingAuthenticatorBase { public: - // TODO(jamiewalch): Pass ClientConfig instead of separate parameters. - NegotiatingClientAuthenticator( - const std::string& client_pairing_id, - const std::string& shared_secret, - const std::string& authentication_tag, - const FetchSecretCallback& fetch_secret_callback, - const FetchThirdPartyTokenCallback& fetch_third_party_token_callback); - + explicit NegotiatingClientAuthenticator( + const ClientAuthenticationConfig& config); ~NegotiatingClientAuthenticator() override; // Overriden from Authenticator. @@ -64,18 +76,7 @@ class NegotiatingClientAuthenticator : public NegotiatingAuthenticatorBase { const base::Closure& resume_callback, const std::string& shared_secret); - // Used for pairing authenticators - std::string client_pairing_id_; - std::string shared_secret_; - - // Used for all authenticators. - std::string authentication_tag_; - - // Used for shared secret authenticators. - FetchSecretCallback fetch_secret_callback_; - - // Used for third party authenticators. - FetchThirdPartyTokenCallback fetch_third_party_token_callback_; + ClientAuthenticationConfig config_; // Internal NegotiatingClientAuthenticator data. bool method_set_by_host_ = false; |