diff options
author | sergeyu <sergeyu@chromium.org> | 2016-03-12 01:09:58 -0800 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2016-03-12 09:11:29 +0000 |
commit | a15e4f0ac7ec67afd93957fa56f1ef027ec3775a (patch) | |
tree | 04e958dda04ce716ae1c0c4ca270d39af42290b4 /remoting | |
parent | f18571e9097d0533f6fc18d62b3ab006e1d6c6d4 (diff) | |
download | chromium_src-a15e4f0ac7ec67afd93957fa56f1ef027ec3775a.zip chromium_src-a15e4f0ac7ec67afd93957fa56f1ef027ec3775a.tar.gz chromium_src-a15e4f0ac7ec67afd93957fa56f1ef027ec3775a.tar.bz2 |
Make TokenValidatorFactory ref-counted.
This makes TokeValidatorFactory consistent with PairingRegistry and now
it can be shared between multiple authenticator objects.
Review URL: https://codereview.chromium.org/1788443005
Cr-Commit-Position: refs/heads/master@{#380871}
Diffstat (limited to 'remoting')
-rw-r--r-- | remoting/host/remoting_me2me_host.cc | 9 | ||||
-rw-r--r-- | remoting/host/token_validator_factory_impl.h | 4 | ||||
-rw-r--r-- | remoting/host/token_validator_factory_impl_unittest.cc | 6 | ||||
-rw-r--r-- | remoting/protocol/me2me_host_authenticator_factory.cc | 10 | ||||
-rw-r--r-- | remoting/protocol/me2me_host_authenticator_factory.h | 4 | ||||
-rw-r--r-- | remoting/protocol/negotiating_host_authenticator.cc | 16 | ||||
-rw-r--r-- | remoting/protocol/negotiating_host_authenticator.h | 6 | ||||
-rw-r--r-- | remoting/protocol/token_validator.h | 11 |
8 files changed, 31 insertions, 35 deletions
diff --git a/remoting/host/remoting_me2me_host.cc b/remoting/host/remoting_me2me_host.cc index 5018c13..e9245cf 100644 --- a/remoting/host/remoting_me2me_host.cc +++ b/remoting/host/remoting_me2me_host.cc @@ -806,13 +806,12 @@ void HostProcess::CreateAuthenticatorFactory() { DCHECK(third_party_auth_config_.token_url.is_valid()); DCHECK(third_party_auth_config_.token_validation_url.is_valid()); - scoped_ptr<protocol::TokenValidatorFactory> token_validator_factory( - new TokenValidatorFactoryImpl( - third_party_auth_config_, - key_pair_, context_->url_request_context_getter())); + scoped_refptr<protocol::TokenValidatorFactory> token_validator_factory = + new TokenValidatorFactoryImpl(third_party_auth_config_, key_pair_, + context_->url_request_context_getter()); factory = protocol::Me2MeHostAuthenticatorFactory::CreateWithThirdPartyAuth( use_service_account_, host_owner_, local_certificate, key_pair_, - client_domain_, std::move(token_validator_factory)); + client_domain_, token_validator_factory); } #if defined(OS_POSIX) diff --git a/remoting/host/token_validator_factory_impl.h b/remoting/host/token_validator_factory_impl.h index fcc9240..7ba77f1 100644 --- a/remoting/host/token_validator_factory_impl.h +++ b/remoting/host/token_validator_factory_impl.h @@ -28,14 +28,14 @@ class TokenValidatorFactoryImpl : public protocol::TokenValidatorFactory { scoped_refptr<RsaKeyPair> key_pair, scoped_refptr<net::URLRequestContextGetter> request_context_getter); - ~TokenValidatorFactoryImpl() override; - // TokenValidatorFactory interface. scoped_ptr<protocol::TokenValidator> CreateTokenValidator( const std::string& local_jid, const std::string& remote_jid) override; private: + ~TokenValidatorFactoryImpl() override; + ThirdPartyAuthConfig third_party_auth_config_; scoped_refptr<RsaKeyPair> key_pair_; scoped_refptr<net::URLRequestContextGetter> request_context_getter_; diff --git a/remoting/host/token_validator_factory_impl_unittest.cc b/remoting/host/token_validator_factory_impl_unittest.cc index 3623039..b86f9fb 100644 --- a/remoting/host/token_validator_factory_impl_unittest.cc +++ b/remoting/host/token_validator_factory_impl_unittest.cc @@ -98,8 +98,8 @@ class TokenValidatorFactoryImplTest : public testing::Test { config.token_url = GURL(kTokenUrl); config.token_validation_url = GURL(kTokenValidationUrl); config.token_validation_cert_issuer = kTokenValidationCertIssuer; - token_validator_factory_.reset(new TokenValidatorFactoryImpl( - config, key_pair_, request_context_getter_)); + token_validator_factory_ = new TokenValidatorFactoryImpl( + config, key_pair_, request_context_getter_); } static std::string CreateResponse(const std::string& scope) { @@ -131,7 +131,7 @@ class TokenValidatorFactoryImplTest : public testing::Test { base::MessageLoop message_loop_; scoped_refptr<RsaKeyPair> key_pair_; scoped_refptr<net::URLRequestContextGetter> request_context_getter_; - scoped_ptr<TokenValidatorFactoryImpl> token_validator_factory_; + scoped_refptr<TokenValidatorFactoryImpl> token_validator_factory_; scoped_ptr<protocol::TokenValidator> token_validator_; }; diff --git a/remoting/protocol/me2me_host_authenticator_factory.cc b/remoting/protocol/me2me_host_authenticator_factory.cc index 5bb07d4..a4a5639 100644 --- a/remoting/protocol/me2me_host_authenticator_factory.cc +++ b/remoting/protocol/me2me_host_authenticator_factory.cc @@ -48,9 +48,8 @@ Me2MeHostAuthenticatorFactory::CreateWithThirdPartyAuth( const std::string& host_owner, const std::string& local_cert, scoped_refptr<RsaKeyPair> key_pair, - const std::string& required_client_domain, - scoped_ptr<TokenValidatorFactory> - token_validator_factory) { + const std::string& required_client_domain, + scoped_refptr<TokenValidatorFactory> token_validator_factory) { scoped_ptr<Me2MeHostAuthenticatorFactory> result( new Me2MeHostAuthenticatorFactory()); result->use_service_account_ = use_service_account; @@ -58,7 +57,7 @@ Me2MeHostAuthenticatorFactory::CreateWithThirdPartyAuth( result->local_cert_ = local_cert; result->key_pair_ = key_pair; result->required_client_domain_ = required_client_domain; - result->token_validator_factory_ = std::move(token_validator_factory); + result->token_validator_factory_ = token_validator_factory; return std::move(result); } @@ -120,8 +119,7 @@ scoped_ptr<Authenticator> Me2MeHostAuthenticatorFactory::CreateAuthenticator( if (token_validator_factory_) { return NegotiatingHostAuthenticator::CreateWithThirdPartyAuth( local_jid, remote_jid, local_cert_, key_pair_, - token_validator_factory_->CreateTokenValidator(local_jid, - remote_jid)); + token_validator_factory_); } return NegotiatingHostAuthenticator::CreateWithPin( diff --git a/remoting/protocol/me2me_host_authenticator_factory.h b/remoting/protocol/me2me_host_authenticator_factory.h index cda0989..6515ba8 100644 --- a/remoting/protocol/me2me_host_authenticator_factory.h +++ b/remoting/protocol/me2me_host_authenticator_factory.h @@ -42,7 +42,7 @@ class Me2MeHostAuthenticatorFactory : public AuthenticatorFactory { const std::string& local_cert, scoped_refptr<RsaKeyPair> key_pair, const std::string& required_client_domain, - scoped_ptr<TokenValidatorFactory> token_validator_factory); + scoped_refptr<TokenValidatorFactory> token_validator_factory); Me2MeHostAuthenticatorFactory(); ~Me2MeHostAuthenticatorFactory() override; @@ -64,7 +64,7 @@ class Me2MeHostAuthenticatorFactory : public AuthenticatorFactory { std::string pin_hash_; // Used only for third party host authenticators. - scoped_ptr<TokenValidatorFactory> token_validator_factory_; + scoped_refptr<TokenValidatorFactory> token_validator_factory_; // Used only for pairing host authenticators. scoped_refptr<PairingRegistry> pairing_registry_; diff --git a/remoting/protocol/negotiating_host_authenticator.cc b/remoting/protocol/negotiating_host_authenticator.cc index de6b894..5a3d51e 100644 --- a/remoting/protocol/negotiating_host_authenticator.cc +++ b/remoting/protocol/negotiating_host_authenticator.cc @@ -78,11 +78,11 @@ NegotiatingHostAuthenticator::CreateWithThirdPartyAuth( const std::string& remote_id, const std::string& local_cert, scoped_refptr<RsaKeyPair> key_pair, - scoped_ptr<TokenValidator> token_validator) { + scoped_refptr<TokenValidatorFactory> token_validator_factory) { scoped_ptr<NegotiatingHostAuthenticator> result( new NegotiatingHostAuthenticator(local_id, remote_id, local_cert, key_pair)); - result->token_validator_ = std::move(token_validator); + result->token_validator_factory_ = token_validator_factory; result->AddMethod(Method::THIRD_PARTY_SPAKE2_CURVE25519); result->AddMethod(Method::THIRD_PARTY_SPAKE2_P224); return std::move(result); @@ -183,23 +183,15 @@ void NegotiatingHostAuthenticator::CreateAuthenticator( DCHECK(current_method_ != Method::INVALID); if (current_method_ == Method::THIRD_PARTY_SPAKE2_P224) { - // |ThirdPartyHostAuthenticator| takes ownership of |token_validator_|. - // The authentication method negotiation logic should guarantee that only - // one |ThirdPartyHostAuthenticator| will need to be created per session. - DCHECK(token_validator_); current_authenticator_.reset(new ThirdPartyHostAuthenticator( base::Bind(&V2Authenticator::CreateForHost, local_cert_, local_key_pair_), - std::move(token_validator_))); + token_validator_factory_->CreateTokenValidator(local_id_, remote_id_))); } else if (current_method_ == Method::THIRD_PARTY_SPAKE2_CURVE25519) { - // |ThirdPartyHostAuthenticator| takes ownership of |token_validator_|. - // The authentication method negotiation logic should guarantee that only - // one |ThirdPartyHostAuthenticator| will need to be created per session. - DCHECK(token_validator_); current_authenticator_.reset(new ThirdPartyHostAuthenticator( base::Bind(&Spake2Authenticator::CreateForHost, local_id_, remote_id_, local_cert_, local_key_pair_), - std::move(token_validator_))); + token_validator_factory_->CreateTokenValidator(local_id_, remote_id_))); } else if (current_method_ == Method::SHARED_SECRET_SPAKE2_CURVE25519) { current_authenticator_ = Spake2Authenticator::CreateForHost( local_id_, remote_id_, local_cert_, local_key_pair_, diff --git a/remoting/protocol/negotiating_host_authenticator.h b/remoting/protocol/negotiating_host_authenticator.h index 22508861..2ba78d5 100644 --- a/remoting/protocol/negotiating_host_authenticator.h +++ b/remoting/protocol/negotiating_host_authenticator.h @@ -22,6 +22,8 @@ class RsaKeyPair; namespace protocol { +class TokenValidatorFactory; + // Host-side implementation of NegotiatingAuthenticatorBase. // See comments in negotiating_authenticator_base.h for a general explanation. class NegotiatingHostAuthenticator : public NegotiatingAuthenticatorBase { @@ -53,7 +55,7 @@ class NegotiatingHostAuthenticator : public NegotiatingAuthenticatorBase { const std::string& remote_id, const std::string& local_cert, scoped_refptr<RsaKeyPair> key_pair, - scoped_ptr<TokenValidator> token_validator); + scoped_refptr<TokenValidatorFactory> token_validator_factory); // Overriden from Authenticator. void ProcessMessage(const buzz::XmlElement* message, @@ -83,7 +85,7 @@ class NegotiatingHostAuthenticator : public NegotiatingAuthenticatorBase { std::string shared_secret_hash_; // Used only for third party host authenticators. - scoped_ptr<TokenValidator> token_validator_; + scoped_refptr<TokenValidatorFactory> token_validator_factory_; // Used only for pairing authenticators. scoped_refptr<PairingRegistry> pairing_registry_; diff --git a/remoting/protocol/token_validator.h b/remoting/protocol/token_validator.h index 70540c7..12af22d5 100644 --- a/remoting/protocol/token_validator.h +++ b/remoting/protocol/token_validator.h @@ -8,6 +8,7 @@ #include <string> #include "base/callback.h" +#include "base/memory/ref_counted.h" #include "base/memory/scoped_ptr.h" #include "url/gurl.h" @@ -48,15 +49,19 @@ class TokenValidator { }; // Factory for |TokenValidator|. -class TokenValidatorFactory { +class TokenValidatorFactory + : public base::RefCountedThreadSafe<TokenValidatorFactory> { public: - virtual ~TokenValidatorFactory() {} - // Creates a TokenValidator. |local_jid| and |remote_jid| are used to create // a token scope that is restricted to the current connection's JIDs. virtual scoped_ptr<TokenValidator> CreateTokenValidator( const std::string& local_jid, const std::string& remote_jid) = 0; + + protected: + friend class base::RefCountedThreadSafe<TokenValidatorFactory>; + + virtual ~TokenValidatorFactory() {} }; } // namespace protocol |