1// Copyright 2013 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef REMOTING_PROTOCOL_NEGOTIATING_HOST_AUTHENTICATOR_H_
6#define REMOTING_PROTOCOL_NEGOTIATING_HOST_AUTHENTICATOR_H_
7
8#include <string>
9#include <vector>
10
11#include "base/basictypes.h"
12#include "base/memory/ref_counted.h"
13#include "base/memory/scoped_ptr.h"
14#include "remoting/protocol/authentication_method.h"
15#include "remoting/protocol/authenticator.h"
16#include "remoting/protocol/negotiating_authenticator_base.h"
17#include "remoting/protocol/pairing_registry.h"
18#include "remoting/protocol/third_party_host_authenticator.h"
19
20namespace remoting {
21
22class RsaKeyPair;
23
24namespace protocol {
25
26// Host-side implementation of NegotiatingAuthenticatorBase.
27// See comments in negotiating_authenticator_base.h for a general explanation.
  //
  // The constructor is private, so this header exposes construction only
  // through the static Create*() factories below. Both factories hand the
  // result back as a scoped_ptr<Authenticator>. The class is non-copyable
  // (DISALLOW_COPY_AND_ASSIGN).
28class NegotiatingHostAuthenticator : public NegotiatingAuthenticatorBase {
29 public:
30  virtual ~NegotiatingHostAuthenticator();
31
32  // Creates a host authenticator, using a fixed shared secret/PIN hash.
33  // If |pairing_registry| is non-NULL then the Spake2Pair method will
34  // be offered, supporting PIN-less authentication.
    //
    // |local_cert| and |key_pair| are the local (host) certificate and key
    // pair. |shared_secret_hash| is the already-hashed secret; the caller
    // passes a hash, not the PIN itself. |hash_function| is not kept as a
    // member of this class.
    // NOTE(review): presumably |hash_function| names the function that
    // produced |shared_secret_hash| -- confirm in authentication_method.h.
    //
    // Security note: passing a non-NULL |pairing_registry| widens the set of
    // methods the host offers. A caller that requires the PIN on every
    // connection should pass NULL here.
35  static scoped_ptr<Authenticator> CreateWithSharedSecret(
36      const std::string& local_cert,
37      scoped_refptr<RsaKeyPair> key_pair,
38      const std::string& shared_secret_hash,
39      AuthenticationMethod::HashFunction hash_function,
40      scoped_refptr<PairingRegistry> pairing_registry);
41
42  // Creates a host authenticator, using third party authentication.
    // Ownership of |token_validator| passes to the callee, since it is taken
    // as a scoped_ptr by value. No shared secret or pairing registry is
    // supplied on this path.
43  static scoped_ptr<Authenticator> CreateWithThirdPartyAuth(
44      const std::string& local_cert,
45      scoped_refptr<RsaKeyPair> key_pair,
46      scoped_ptr<ThirdPartyHostAuthenticator::TokenValidator> token_validator);
47
48  // Overridden from Authenticator.
    // NOTE(review): on the host side |message| presumably originates from the
    // remote client and should be treated as untrusted input -- confirm
    // against the parsing in the .cc file.
49  virtual void ProcessMessage(const buzz::XmlElement* message,
50                              const base::Closure& resume_callback) OVERRIDE;
51  virtual scoped_ptr<buzz::XmlElement> GetNextMessage() OVERRIDE;
52
53 private:
    // Private so that instances are only built by the Create*() factories.
    // Takes only the certificate and key pair; the method-specific members
    // below are not constructor arguments.
54  NegotiatingHostAuthenticator(
55      const std::string& local_cert,
56      scoped_refptr<RsaKeyPair> key_pair);
57
58  // (Asynchronously) creates an authenticator, and stores it in
59  // |current_authenticator_|. Authenticators that can be started in either
60  // state will be created in |preferred_initial_state|.
61  // |resume_callback| is called after |current_authenticator_| is set.
62  void CreateAuthenticator(Authenticator::State preferred_initial_state,
63                           const base::Closure& resume_callback);
64
    // Local (host) certificate and the reference-counted key pair handed to
    // the constructor.
65  std::string local_cert_;
66  scoped_refptr<RsaKeyPair> local_key_pair_;
67
68  // Used only for shared secret host authenticators.
    // NOTE(review): held in a plain std::string; this header shows no
    // scrubbing on destruction -- confirm whether that matters for the
    // host's threat model.
69  std::string shared_secret_hash_;
70
71  // Used only for third party host authenticators.
    // Owned by this object (scoped_ptr).
72  scoped_ptr<ThirdPartyHostAuthenticator::TokenValidator> token_validator_;
73
74  // Used only for pairing authenticators.
    // Presumably NULL when pairing is not offered -- see
    // CreateWithSharedSecret().
75  scoped_refptr<PairingRegistry> pairing_registry_;
76
77  DISALLOW_COPY_AND_ASSIGN(NegotiatingHostAuthenticator);
78};
79
80}  // namespace protocol
81}  // namespace remoting
82
83#endif  // REMOTING_PROTOCOL_NEGOTIATING_HOST_AUTHENTICATOR_H_
84