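// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef REMOTING_HOST_TOKEN_VALIDATOR_BASE_H_
#define REMOTING_HOST_TOKEN_VALIDATOR_BASE_H_

#include <memory>
#include <string>

#include "base/callback.h"
#include "base/macros.h"
#include "base/memory/weak_ptr.h"
#include "net/ssl/client_cert_identity.h"
#include "net/url_request/url_request.h"
#include "net/url_request/url_request_context_getter.h"
#include "remoting/host/third_party_auth_config.h"
#include "remoting/protocol/token_validator.h"
#include "url/gurl.h"

namespace net {
class ClientCertStore;
}

namespace remoting {

// Common base for third-party token validators. It is both a
// protocol::TokenValidator and the net::URLRequest::Delegate for the request
// held in |request_|. Subclasses must implement StartValidateRequest(); the
// result is reported through the callback given to ValidateThirdPartyToken().
//
// Security-relevant state held by this object: the client-supplied token
// (|token_|), the response body (|data_|) and the shared secret handed to the
// callback. None of these should be written to logs.
class TokenValidatorBase
    : public net::URLRequest::Delegate,
      public protocol::TokenValidator {
 public:
  // |third_party_auth_config| and |token_scope| are stored by value in the
  // members of the same name; |request_context_getter| is retained.
  TokenValidatorBase(
      const ThirdPartyAuthConfig& third_party_auth_config,
      const std::string& token_scope,
      scoped_refptr<net::URLRequestContextGetter> request_context_getter);
  ~TokenValidatorBase() override;

  // TokenValidator interface.
  //
  // |token| comes from the remote peer and must be treated as untrusted.
  // |on_token_validated| receives the shared secret.
  // NOTE(review): presumably an empty |shared_secret| signals failure; confirm
  // against protocol::TokenValidator, because callers must fail closed on it.
  void ValidateThirdPartyToken(
      const std::string& token,
      base::OnceCallback<void(const std::string& shared_secret)>
          on_token_validated) override;

  const GURL& token_url() const override;
  const std::string& token_scope() const override;

  // URLRequest::Delegate interface.
  void OnResponseStarted(net::URLRequest* source, int net_result) override;
  void OnReadCompleted(net::URLRequest* source, int net_result) override;
  // See |retrying_request_| for the redirect case handled here.
  // NOTE(review): a retry re-sends the token, so the implementation should
  // only re-submit to the configured validation URL and never to the redirect
  // target; this cannot be verified from this header.
  void OnReceivedRedirect(net::URLRequest* request,
                          const net::RedirectInfo& redirect_info,
                          bool* defer_redirect) override;
  // Called when the server asks for a client certificate. How the certificate
  // is chosen is decided in the implementation, not in this header.
  void OnCertificateRequested(
      net::URLRequest* source,
      net::SSLCertRequestInfo* cert_request_info) override;

 protected:
  // Receives the candidate client certificates. |unused| is not expected to be
  // dereferenced, as its name indicates.
  void OnCertificatesSelected(net::ClientCertStore* unused,
                              net::ClientCertIdentityList selected_certs);

  // Starts the validation request for |token|. Must be provided by subclasses.
  virtual void StartValidateRequest(const std::string& token) = 0;
  // Continues the pending request with the given certificate and private key.
  // NOTE(review): presumably null arguments mean "continue without a client
  // certificate"; confirm in the implementation.
  virtual void ContinueWithCertificate(
      scoped_refptr<net::X509Certificate> client_cert,
      scoped_refptr<net::SSLPrivateKey> client_private_key);
  // Returns whether |token_scope| is acceptable.
  // NOTE(review): presumably compared against |token_scope_|; an override
  // should never accept more than the base check does, since the scope is what
  // binds a validated token to this session. Confirm against the .cc file.
  virtual bool IsValidScope(const std::string& token_scope);
  // Turns the finished request into the string passed on by the caller.
  // NOTE(review): presumably the shared secret, or an empty string on any
  // network, HTTP, parse or scope error; confirm that every error path
  // returns empty.
  std::string ProcessResponse(int net_result);

  // Constructor parameters.
  ThirdPartyAuthConfig third_party_auth_config_;
  std::string token_scope_;
  scoped_refptr<net::URLRequestContextGetter> request_context_getter_;

  // URLRequest related fields.
  std::unique_ptr<net::URLRequest> request_;
  scoped_refptr<net::IOBuffer> buffer_;
  // NOTE(review): presumably accumulates the response body read through
  // |buffer_|; confirm that the implementation caps its size, since the
  // content is controlled by whatever answers the validation request.
  std::string data_;

  // This is set by OnReceivedRedirect() if the token validation request is
  // being re-submitted as a POST request. This can happen if the authentication
  // cookie has not yet been set, and a login handler redirection causes the
  // POST request to be turned into a GET operation, losing the POST data. In
  // this case, an immediate retry (with the same cookie jar) is expected to
  // succeed.
  bool retrying_request_ = false;

  // Stores the most recently requested token, in case the validation request
  // needs to be retried. This is a credential kept in memory for the lifetime
  // of the validator.
  std::string token_;

  base::OnceCallback<void(const std::string& shared_secret)>
      on_token_validated_;

  // Declared after every other data member so that it is destroyed first,
  // which invalidates outstanding weak pointers before the members above are
  // torn down.
  base::WeakPtrFactory<TokenValidatorBase> weak_factory_{this};

  DISALLOW_COPY_AND_ASSIGN(TokenValidatorBase);
};

}  // namespace remoting

#endif  // REMOTING_HOST_TOKEN_VALIDATOR_BASE_H_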