// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef REMOTING_PROTOCOL_NEGOTIATING_HOST_AUTHENTICATOR_H_
#define REMOTING_PROTOCOL_NEGOTIATING_HOST_AUTHENTICATOR_H_
#include <string>
#include <vector>
#include "base/basictypes.h"
#include "base/memory/ref_counted.h"
#include "base/memory/scoped_ptr.h"
#include "remoting/protocol/authentication_method.h"
#include "remoting/protocol/authenticator.h"
#include "remoting/protocol/negotiating_authenticator_base.h"
#include "remoting/protocol/pairing_registry.h"
#include "remoting/protocol/third_party_host_authenticator.h"
namespace remoting {
class RsaKeyPair;
namespace protocol {
// Host-side implementation of NegotiatingAuthenticatorBase.
// See comments in negotiating_authenticator_base.h for a general explanation.
class NegotiatingHostAuthenticator : public NegotiatingAuthenticatorBase {
public:
virtual ~NegotiatingHostAuthenticator();
// Creates a host authenticator, using a fixed shared secret/PIN hash.
// If |pairing_registry| is non-NULL then the Spake2Pair method will
// be offered, supporting PIN-less authentication.
static scoped_ptr<Authenticator> CreateWithSharedSecret(
const std::string& local_cert,
scoped_refptr<RsaKeyPair> key_pair,
const std::string& shared_secret_hash,
AuthenticationMethod::HashFunction hash_function,
scoped_refptr<PairingRegistry> pairing_registry);
// Creates a host authenticator, using third party authentication.
static scoped_ptr<Authenticator> CreateWithThirdPartyAuth(
const std::string& local_cert,
scoped_refptr<RsaKeyPair> key_pair,
scoped_ptr<TokenValidator> token_validator);
// Overriden from Authenticator.
virtual void ProcessMessage(const buzz::XmlElement* message,
const base::Closure& resume_callback) OVERRIDE;
virtual scoped_ptr<buzz::XmlElement> GetNextMessage() OVERRIDE;
private:
NegotiatingHostAuthenticator(
const std::string& local_cert,
scoped_refptr<RsaKeyPair> key_pair);
// (Asynchronously) creates an authenticator, and stores it in
// |current_authenticator_|. Authenticators that can be started in either
// state will be created in |preferred_initial_state|.
// |resume_callback| is called after |current_authenticator_| is set.
void CreateAuthenticator(Authenticator::State preferred_initial_state,
const base::Closure& resume_callback);
std::string local_cert_;
scoped_refptr<RsaKeyPair> local_key_pair_;
// Used only for shared secret host authenticators.
std::string shared_secret_hash_;
// Used only for third party host authenticators.
scoped_ptr<TokenValidator> token_validator_;
// Used only for pairing authenticators.
scoped_refptr<PairingRegistry> pairing_registry_;
DISALLOW_COPY_AND_ASSIGN(NegotiatingHostAuthenticator);
};
} // namespace protocol
} // namespace remoting
#endif // REMOTING_PROTOCOL_NEGOTIATING_HOST_AUTHENTICATOR_H_