summaryrefslogtreecommitdiffstats
path: root/remoting
diff options
context:
space:
mode:
authorsergeyu@chromium.org <sergeyu@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-01-24 12:58:15 +0000
committersergeyu@chromium.org <sergeyu@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-01-24 12:58:15 +0000
commit8bf7cbb223040ee3b472f5bce53fdb2ce2c905ec (patch)
tree1f52ba8e24f0cd2cf1ea16acfa0db26fb63f6424 /remoting
parent836cdae36964a1f7597d75286cd3edb69b72b521 (diff)
downloadchromium_src-8bf7cbb223040ee3b472f5bce53fdb2ce2c905ec.zip
chromium_src-8bf7cbb223040ee3b472f5bce53fdb2ce2c905ec.tar.gz
chromium_src-8bf7cbb223040ee3b472f5bce53fdb2ce2c905ec.tar.bz2
Implement V2 authentication support in the client plugin.
Changed client plugin interface so that it receives information needed to for V2 authentication. Also moved authenticator creation out of ConnectionToHost. BUG=105214 Review URL: http://codereview.chromium.org/9195004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@118828 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'remoting')
-rw-r--r--remoting/client/chromoting_client.cc11
-rw-r--r--remoting/client/client_config.cc7
-rw-r--r--remoting/client/client_config.h5
-rw-r--r--remoting/client/plugin/chromoting_scriptable_object.cc55
-rw-r--r--remoting/protocol/auth_util.h11
-rw-r--r--remoting/protocol/authentication_method.cc139
-rw-r--r--remoting/protocol/authentication_method.h90
-rw-r--r--remoting/protocol/connection_to_host.cc14
-rw-r--r--remoting/protocol/connection_to_host.h9
-rw-r--r--remoting/remoting.gyp2
-rw-r--r--remoting/webapp/client_screen.js5
-rw-r--r--remoting/webapp/client_session.js31
-rw-r--r--remoting/webapp/viewer_plugin_proto.js11
13 files changed, 350 insertions, 40 deletions
diff --git a/remoting/client/chromoting_client.cc b/remoting/client/chromoting_client.cc
index 0577ac5..404d383 100644
--- a/remoting/client/chromoting_client.cc
+++ b/remoting/client/chromoting_client.cc
@@ -8,11 +8,15 @@
#include "remoting/client/chromoting_view.h"
#include "remoting/client/client_context.h"
#include "remoting/client/rectangle_update_decoder.h"
+#include "remoting/protocol/authenticator.h"
+#include "remoting/protocol/authentication_method.h"
#include "remoting/protocol/connection_to_host.h"
#include "remoting/protocol/session_config.h"
namespace remoting {
+using protocol::AuthenticationMethod;
+
ChromotingClient::QueuedVideoPacket::QueuedVideoPacket(
const VideoPacket* packet, const base::Closure& done)
: packet(packet), done(done) {
@@ -44,8 +48,13 @@ ChromotingClient::~ChromotingClient() {
void ChromotingClient::Start(scoped_refptr<XmppProxy> xmpp_proxy) {
DCHECK(message_loop()->BelongsToCurrentThread());
+ scoped_ptr<protocol::Authenticator> authenticator =
+ config_.authentication_method.CreateAuthenticator(
+ config_.local_jid, config_.authentication_tag,
+ config_.shared_secret);
+
connection_->Connect(xmpp_proxy, config_.local_jid, config_.host_jid,
- config_.host_public_key, config_.authentication_code,
+ config_.host_public_key, authenticator.Pass(),
this, this, this);
if (!view_->Initialize()) {
diff --git a/remoting/client/client_config.cc b/remoting/client/client_config.cc
index aed88df..3012a9b 100644
--- a/remoting/client/client_config.cc
+++ b/remoting/client/client_config.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -6,10 +6,11 @@
namespace remoting {
-ClientConfig::ClientConfig() {
+ClientConfig::ClientConfig()
+ : authentication_method(protocol::AuthenticationMethod::Invalid()) {
}
ClientConfig::~ClientConfig() {
}
-}
+} // namespace remoting
diff --git a/remoting/client/client_config.h b/remoting/client/client_config.h
index 52b8e34..31268fd 100644
--- a/remoting/client/client_config.h
+++ b/remoting/client/client_config.h
@@ -8,6 +8,7 @@
#include <string>
#include "base/basictypes.h"
+#include "remoting/protocol/authentication_method.h"
namespace remoting {
@@ -20,7 +21,9 @@ struct ClientConfig {
std::string host_jid;
std::string host_public_key;
- std::string authentication_code;
+ std::string shared_secret;
+ protocol::AuthenticationMethod authentication_method;
+ std::string authentication_tag;
};
} // namespace remoting
diff --git a/remoting/client/plugin/chromoting_scriptable_object.cc b/remoting/client/plugin/chromoting_scriptable_object.cc
index 76d354d..334237d 100644
--- a/remoting/client/plugin/chromoting_scriptable_object.cc
+++ b/remoting/client/plugin/chromoting_scriptable_object.cc
@@ -7,6 +7,7 @@
#include "base/bind.h"
#include "base/logging.h"
#include "base/message_loop_proxy.h"
+#include "base/string_split.h"
// TODO(wez): Remove this when crbug.com/86353 is complete.
#include "ppapi/cpp/private/var_private.h"
#include "remoting/base/auth_token_util.h"
@@ -57,7 +58,7 @@ void ChromotingScriptableObject::Init() {
// Plugin API version.
// This should be incremented whenever the API interface changes.
- AddAttribute(kApiVersionAttribute, Var(3));
+ AddAttribute(kApiVersionAttribute, Var(4));
// This should be updated whenever we remove support for an older version
// of the API.
@@ -358,7 +359,9 @@ Var ChromotingScriptableObject::DoConnect(const std::vector<Var>& args,
// host_jid
// host_public_key
// client_jid
- // authentication_code (optional)
+ // shared_secret
+ // authentication_methods
+ // authentication_tag
unsigned int arg = 0;
if (!args[arg].is_string()) {
*exception = Var("The host_jid must be a string.");
@@ -378,13 +381,48 @@ Var ChromotingScriptableObject::DoConnect(const std::vector<Var>& args,
}
std::string client_jid = args[arg++].AsString();
- std::string authentication_code;
+ if (!args[arg].is_string()) {
+ *exception = Var("The shared_secret must be a string.");
+ return Var();
+ }
+ std::string shared_secret = args[arg++].AsString();
+
+ // Older versions of the webapp do not supply the following two
+ // parameters.
+
+ // By default use V1 authentication.
+ protocol::AuthenticationMethod authentication_method =
+ protocol::AuthenticationMethod::V1Token();
+ if (args.size() > arg) {
+ if (!args[arg].is_string()) {
+ *exception = Var("The authentication_method must be a string.");
+ return Var();
+ }
+
+ authentication_method = protocol::AuthenticationMethod::Invalid();
+ std::string as_string = args[arg++].AsString();
+ std::vector<std::string> auth_methods;
+ base::SplitString(as_string, ',', &auth_methods);
+ for (std::vector<std::string>::iterator it = auth_methods.begin();
+ it != auth_methods.end(); ++it) {
+ authentication_method =
+ protocol::AuthenticationMethod::FromString(as_string);
+ if (authentication_method.is_valid())
+ break;
+ }
+ if (!authentication_method.is_valid()) {
+ *exception = Var("No valid authentication methods specified.");
+ return Var();
+ }
+ }
+
+ std::string authentication_tag;
if (args.size() > arg) {
if (!args[arg].is_string()) {
- *exception = Var("The authentication code must be a string.");
+ *exception = Var("The authentication_tag must be a string.");
return Var();
}
- authentication_code = args[arg++].AsString();
+ authentication_tag = args[arg++].AsString();
}
if (args.size() != arg) {
@@ -393,13 +431,14 @@ Var ChromotingScriptableObject::DoConnect(const std::vector<Var>& args,
}
VLOG(1) << "Connecting to host. "
- << "client_jid: " << client_jid << ", host_jid: " << host_jid
- << ", authentication_code: " << authentication_code;
+ << "client_jid: " << client_jid << ", host_jid: " << host_jid;
ClientConfig config;
config.local_jid = client_jid;
config.host_jid = host_jid;
config.host_public_key = host_public_key;
- config.authentication_code = authentication_code;
+ config.shared_secret = shared_secret;
+ config.authentication_method = authentication_method;
+ config.authentication_tag = authentication_tag;
instance_->Connect(config);
return Var();
diff --git a/remoting/protocol/auth_util.h b/remoting/protocol/auth_util.h
index e33a473..3493550 100644
--- a/remoting/protocol/auth_util.h
+++ b/remoting/protocol/auth_util.h
@@ -1,4 +1,4 @@
-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -23,9 +23,16 @@ extern const char kHostAuthSslExporterLabel[];
// Fake hostname used for SSL connections.
extern const char kSslFakeHostName[];
-// Size of the HMAC-SHA-256 authentication digest.
+// Size of the HMAC-SHA-256 hash used as shared secret in SPAKE2.
+const size_t kSharedSecretHashLength = 32;
+
+// Size of the HMAC-SHA-256 digest used for channel authentication.
const size_t kAuthDigestLength = 32;
+// TODO(sergeyu): The following two methods are used for V1
+// authentication. Remove them when we finally switch to V2
+// authentication method. crbug.com/110483 .
+
// Generates auth token for the specified |jid| and |access_code|.
std::string GenerateSupportAuthToken(const std::string& jid,
const std::string& access_code);
diff --git a/remoting/protocol/authentication_method.cc b/remoting/protocol/authentication_method.cc
new file mode 100644
index 0000000..ebee009
--- /dev/null
+++ b/remoting/protocol/authentication_method.cc
@@ -0,0 +1,139 @@
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "remoting/protocol/authentication_method.h"
+
+#include "base/logging.h"
+#include "crypto/hmac.h"
+#include "remoting/protocol/auth_util.h"
+#include "remoting/protocol/v1_authenticator.h"
+#include "remoting/protocol/v2_authenticator.h"
+
+namespace remoting {
+namespace protocol {
+
+// static
+AuthenticationMethod AuthenticationMethod::Invalid() {
+ return AuthenticationMethod();
+}
+
+// static
+AuthenticationMethod AuthenticationMethod::V1Token() {
+ return AuthenticationMethod(VERSION_1, NONE);
+}
+
+// static
+AuthenticationMethod AuthenticationMethod::Spake2(HashFunction hash_function) {
+ return AuthenticationMethod(VERSION_2, hash_function);
+}
+
+// static
+AuthenticationMethod AuthenticationMethod::FromString(
+ const std::string& value) {
+ if (value == "v1_token") {
+ return V1Token();
+ } else if (value == "spake2_plain") {
+ return Spake2(NONE);
+ } else if (value == "spake2_hmac") {
+ return Spake2(HMAC_SHA256);
+ } else {
+ return AuthenticationMethod::Invalid();
+ }
+}
+
+AuthenticationMethod::AuthenticationMethod()
+ : invalid_(true),
+ version_(VERSION_2),
+ hash_function_(NONE) {
+}
+
+AuthenticationMethod::AuthenticationMethod(Version version,
+ HashFunction hash_function)
+ : invalid_(false),
+ version_(version),
+ hash_function_(hash_function) {
+}
+
+std::string AuthenticationMethod::ApplyHashFunction(
+ const std::string& tag,
+ const std::string& shared_secret) {
+ DCHECK(is_valid());
+
+ switch (hash_function_) {
+ case NONE:
+ return shared_secret;
+ break;
+
+ case HMAC_SHA256: {
+ crypto::HMAC response(crypto::HMAC::SHA256);
+ if (!response.Init(tag)) {
+ LOG(FATAL) << "HMAC::Init failed";
+ }
+
+ unsigned char out_bytes[kSharedSecretHashLength];
+ if (!response.Sign(shared_secret, out_bytes, sizeof(out_bytes))) {
+ LOG(FATAL) << "HMAC::Sign failed";
+ }
+
+ return std::string(out_bytes, out_bytes + sizeof(out_bytes));
+ }
+ }
+
+ NOTREACHED();
+ return shared_secret;
+}
+
+scoped_ptr<Authenticator> AuthenticationMethod::CreateAuthenticator(
+ const std::string& local_jid,
+ const std::string& tag,
+ const std::string& shared_secret) {
+ DCHECK(is_valid());
+
+ switch (version_) {
+ case VERSION_1:
+ DCHECK_EQ(hash_function_, NONE);
+ return scoped_ptr<Authenticator>(
+ new protocol::V1ClientAuthenticator(local_jid, shared_secret));
+
+ case VERSION_2:
+ return protocol::V2Authenticator::CreateForClient(
+ ApplyHashFunction(tag, shared_secret));
+ }
+
+ NOTREACHED();
+ return scoped_ptr<Authenticator>(NULL);
+}
+
+AuthenticationMethod::Version AuthenticationMethod::version() const {
+ DCHECK(is_valid());
+ return version_;
+}
+
+AuthenticationMethod::HashFunction AuthenticationMethod::hash_function() const {
+ DCHECK(is_valid());
+ return hash_function_;
+}
+
+const std::string AuthenticationMethod::ToString() const {
+ DCHECK(is_valid());
+
+ switch (version_) {
+ case VERSION_1:
+ return "v1_token";
+
+ case VERSION_2:
+ switch (hash_function_) {
+ case NONE:
+ return "spake2_plain";
+ case HMAC_SHA256:
+ return "spake2_hmac";
+ }
+ }
+
+ NOTREACHED();
+ return "";
+}
+
+} // namespace protocol
+} // namespace remoting
diff --git a/remoting/protocol/authentication_method.h b/remoting/protocol/authentication_method.h
new file mode 100644
index 0000000..402e3bc
--- /dev/null
+++ b/remoting/protocol/authentication_method.h
@@ -0,0 +1,90 @@
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// AuthenticationMethod represents an authentication algorithm and its
+// configuration. It knows how to parse and format authentication
+// method names.
+// Currently the following methods are supported:
+// v1_token - deprecated V1 authentication mechanism,
+// spake2_plain - SPAKE2 without hashing applied to the password.
+// spake2_hmac - SPAKE2 with HMAC hashing of the password.
+
+#ifndef REMOTING_PROTOCOL_AUTHENTICATION_METHOD_H_
+#define REMOTING_PROTOCOL_AUTHENTICATION_METHOD_H_
+
+#include <string>
+
+#include "base/memory/scoped_ptr.h"
+
+namespace remoting {
+namespace protocol {
+
+class Authenticator;
+
+class AuthenticationMethod {
+ public:
+ enum Version {
+ // Legacy authentication mechanism.
+ // TODO(sergeyu): Should be removed when we finished switching to
+ // the new version (at which point this enum may be removed).
+ // crbug.com/110483
+ VERSION_1,
+
+ // The new SPAKE2-based authentication.
+ VERSION_2,
+ };
+
+ enum HashFunction {
+ NONE,
+ HMAC_SHA256,
+ };
+
+ // Constructors for various authentication methods.
+ static AuthenticationMethod Invalid();
+ static AuthenticationMethod V1Token();
+ static AuthenticationMethod Spake2(HashFunction hash_function);
+
+ // Parses a string that defines an authentication method. Returns an
+ // invalid value if the string is invalid.
+ static AuthenticationMethod FromString(const std::string& value);
+
+ // Returns true
+ bool is_valid() const { return !invalid_; }
+
+ // Following methods are valid only when is_valid() returns true.
+
+ // Version of the authentication protocol.
+ Version version() const ;
+
+ // Hash function applied to the shared secret on both ends.
+ HashFunction hash_function() const;
+
+ // Returns string representation of the value stored in this object.
+ const std::string ToString() const;
+
+ // Applies the current hash function to |shared_secret| with the
+ // specified |tag| as a key.
+ std::string ApplyHashFunction(const std::string& tag,
+ const std::string& shared_secret);
+
+ // Creates client authenticator using the specified parameters.
+ scoped_ptr<Authenticator> CreateAuthenticator(
+ const std::string& local_jid,
+ const std::string& tag,
+ const std::string& shared_secret);
+
+ private:
+ AuthenticationMethod();
+ AuthenticationMethod(Version version,
+ HashFunction hash_function);
+
+ bool invalid_;
+ Version version_;
+ HashFunction hash_function_;
+};
+
+} // namespace protocol
+} // namespace remoting
+
+#endif // REMOTING_PROTOCOL_AUTHENTICATION_METHOD_H_
diff --git a/remoting/protocol/connection_to_host.cc b/remoting/protocol/connection_to_host.cc
index 879e1b2..ca89b44 100644
--- a/remoting/protocol/connection_to_host.cc
+++ b/remoting/protocol/connection_to_host.cc
@@ -12,12 +12,12 @@
#include "remoting/jingle_glue/javascript_signal_strategy.h"
#include "remoting/jingle_glue/xmpp_signal_strategy.h"
#include "remoting/protocol/auth_util.h"
+#include "remoting/protocol/authenticator.h"
#include "remoting/protocol/client_control_dispatcher.h"
#include "remoting/protocol/client_event_dispatcher.h"
#include "remoting/protocol/client_stub.h"
#include "remoting/protocol/jingle_session_manager.h"
#include "remoting/protocol/pepper_session_manager.h"
-#include "remoting/protocol/v1_authenticator.h"
#include "remoting/protocol/video_reader.h"
#include "remoting/protocol/video_stub.h"
#include "remoting/protocol/util.h"
@@ -51,24 +51,24 @@ HostStub* ConnectionToHost::host_stub() {
}
void ConnectionToHost::Connect(scoped_refptr<XmppProxy> xmpp_proxy,
- const std::string& your_jid,
+ const std::string& local_jid,
const std::string& host_jid,
const std::string& host_public_key,
- const std::string& access_code,
+ scoped_ptr<Authenticator> authenticator,
HostEventCallback* event_callback,
ClientStub* client_stub,
VideoStub* video_stub) {
event_callback_ = event_callback;
client_stub_ = client_stub;
video_stub_ = video_stub;
- access_code_ = access_code;
+ authenticator_ = authenticator.Pass();
// Save jid of the host. The actual connection is created later after
// |signal_strategy_| is connected.
host_jid_ = host_jid;
host_public_key_ = host_public_key;
- JavascriptSignalStrategy* strategy = new JavascriptSignalStrategy(your_jid);
+ JavascriptSignalStrategy* strategy = new JavascriptSignalStrategy(local_jid);
strategy->AttachXmppProxy(xmpp_proxy);
signal_strategy_.reset(strategy);
signal_strategy_->AddListener(this);
@@ -126,10 +126,8 @@ void ConnectionToHost::OnSessionManagerReady() {
// After SessionManager is initialized we can try to connect to the host.
scoped_ptr<CandidateSessionConfig> candidate_config =
CandidateSessionConfig::CreateDefault();
- scoped_ptr<Authenticator> authenticator(
- new V1ClientAuthenticator(signal_strategy_->GetLocalJid(), access_code_));
session_ = session_manager_->Connect(
- host_jid_, authenticator.Pass(), candidate_config.Pass(),
+ host_jid_, authenticator_.Pass(), candidate_config.Pass(),
base::Bind(&ConnectionToHost::OnSessionStateChange,
base::Unretained(this)));
}
diff --git a/remoting/protocol/connection_to_host.h b/remoting/protocol/connection_to_host.h
index f025a20..16d648b 100644
--- a/remoting/protocol/connection_to_host.h
+++ b/remoting/protocol/connection_to_host.h
@@ -1,4 +1,4 @@
-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -31,6 +31,7 @@ class VideoPacket;
namespace protocol {
+class Authenticator;
class ClientControlDispatcher;
class ClientEventDispatcher;
class ClientStub;
@@ -72,10 +73,10 @@ class ConnectionToHost : public SignalStrategy::Listener,
virtual ~ConnectionToHost();
virtual void Connect(scoped_refptr<XmppProxy> xmpp_proxy,
- const std::string& your_jid,
+ const std::string& local_jid,
const std::string& host_jid,
const std::string& host_public_key,
- const std::string& access_code,
+ scoped_ptr<Authenticator> authenticator,
HostEventCallback* event_callback,
ClientStub* client_stub,
VideoStub* video_stub);
@@ -129,7 +130,7 @@ class ConnectionToHost : public SignalStrategy::Listener,
std::string host_jid_;
std::string host_public_key_;
- std::string access_code_;
+ scoped_ptr<Authenticator> authenticator_;
HostEventCallback* event_callback_;
diff --git a/remoting/remoting.gyp b/remoting/remoting.gyp
index d1991b8..a4dc8c3 100644
--- a/remoting/remoting.gyp
+++ b/remoting/remoting.gyp
@@ -748,6 +748,8 @@
'sources': [
'protocol/auth_util.cc',
'protocol/auth_util.h',
+ 'protocol/authentication_method.cc',
+ 'protocol/authentication_method.h',
'protocol/authenticator.cc',
'protocol/authenticator.h',
'protocol/buffered_socket_writer.cc',
diff --git a/remoting/webapp/client_screen.js b/remoting/webapp/client_screen.js
index 06ad729..3577f79 100644
--- a/remoting/webapp/client_screen.js
+++ b/remoting/webapp/client_screen.js
@@ -288,7 +288,7 @@ function startSession_() {
remoting.clientSession =
new remoting.ClientSession(
remoting.hostJid, remoting.hostPublicKey,
- remoting.accessCode,
+ remoting.accessCode, "v1_token", "",
/** @type {string} */ (remoting.oauth2.getCachedEmail()),
remoting.ClientSession.Mode.IT2ME,
onClientStateChange_);
@@ -462,7 +462,8 @@ function connectMe2MeWithAccessToken_(token) {
remoting.clientSession =
new remoting.ClientSession(
remoting.hostJid, remoting.hostPublicKey,
- pin, /** @type {string} */ (remoting.oauth2.getCachedEmail()),
+ pin, "v1_token", remoting.hostId,
+ /** @type {string} */ (remoting.oauth2.getCachedEmail()),
remoting.ClientSession.Mode.ME2ME, onClientStateChange_);
remoting.clientSession.createPluginAndConnect(
document.getElementById('session-mode'),
diff --git a/remoting/webapp/client_session.js b/remoting/webapp/client_session.js
index a449453..f1bd19b 100644
--- a/remoting/webapp/client_session.js
+++ b/remoting/webapp/client_session.js
@@ -20,8 +20,12 @@ var remoting = remoting || {};
* @param {string} hostJid The jid of the host to connect to.
* @param {string} hostPublicKey The base64 encoded version of the host's
* public key.
- * @param {string} authenticationCode The access code for IT2Me or the
- * PIN for Me2Me.
+ * @param {string} sharedSecret The access code for IT2Me or the PIN
+ * for Me2Me.
+ * @param {string} authenticationMethods Comma-separated list of
+ * authentication methods the client should attempt to use.
+ * @param {string} authenticationTag A host-specific tag to mix into
+ * authentication hashes.
* @param {string} email The username for the talk network.
* @param {remoting.ClientSession.Mode} mode The mode of this connection.
* @param {function(remoting.ClientSession.State,
@@ -29,13 +33,16 @@ var remoting = remoting || {};
* The callback to invoke when the session changes state.
* @constructor
*/
-remoting.ClientSession = function(hostJid, hostPublicKey, authenticationCode,
+remoting.ClientSession = function(hostJid, hostPublicKey, sharedSecret,
+ authenticationMethods, authenticationTag,
email, mode, onStateChange) {
this.state = remoting.ClientSession.State.CREATED;
this.hostJid = hostJid;
this.hostPublicKey = hostPublicKey;
- this.authenticationCode = authenticationCode;
+ this.sharedSecret = sharedSecret;
+ this.authenticationMethods = authenticationMethods;
+ this.authenticationTag = authenticationTag;
this.email = email;
this.mode = mode;
this.clientJid = '';
@@ -114,7 +121,7 @@ remoting.ClientSession.prototype.error =
* @const
* @private
*/
-remoting.ClientSession.prototype.API_VERSION_ = 3;
+remoting.ClientSession.prototype.API_VERSION_ = 4;
/**
* The oldest API version that we support.
@@ -124,7 +131,7 @@ remoting.ClientSession.prototype.API_VERSION_ = 3;
* @const
* @private
*/
-remoting.ClientSession.prototype.API_MIN_VERSION_ = 1;
+remoting.ClientSession.prototype.API_MIN_VERSION_ = 2;
/**
* The id of the client plugin
@@ -339,8 +346,16 @@ remoting.ClientSession.prototype.connectPluginToWcs_ =
}
}
remoting.wcs.setOnIq(onIq);
- that.plugin.connect(this.hostJid, this.hostPublicKey, this.clientJid,
- this.authenticationCode);
+ if (that.plugin.apiVersion < 4) {
+ // Client plugin versions prior to 4 didn't support the last two
+ // parameters.
+ that.plugin.connect(this.hostJid, this.hostPublicKey, this.clientJid,
+ this.sharedSecret);
+ } else {
+ that.plugin.connect(this.hostJid, this.hostPublicKey, this.clientJid,
+ this.sharedSecret, this.authenticationMethods,
+ this.authenticationTag);
+ }
};
/**
diff --git a/remoting/webapp/viewer_plugin_proto.js b/remoting/webapp/viewer_plugin_proto.js
index 18d6461..63a865b 100644
--- a/remoting/webapp/viewer_plugin_proto.js
+++ b/remoting/webapp/viewer_plugin_proto.js
@@ -26,12 +26,17 @@ remoting.ViewerPlugin.prototype.releaseAllKeys = function() {};
* @param {string} hostJid The host's JID.
* @param {string} hostPublicKey The host's public key.
* @param {string} clientJid The client's JID.
- * @param {string} authenticationCode The access code for IT2Me or the
- * PIN for Me2Me.
+ * @param {string} sharedSecret The access code for IT2Me or the
+ * PIN for Me2Me.
+ * @param {string=} authenticationMethods Comma-separated list of
+ * authentication methods the client should attempt to use.
+ * @param {string=} authenticationTag A host-specific tag to mix into
+ * authentication hashes.
* @return {void} Nothing.
*/
remoting.ViewerPlugin.prototype.connect =
- function(hostJid, hostPublicKey, clientJid, authenticationCode) {};
+ function(hostJid, hostPublicKey, clientJid, sharedSecret,
+ authenticationMethod, authenticationTag) {};
/** @type {function(number, number): void} State change callback function. */
remoting.ViewerPlugin.prototype.connectionInfoUpdate;