Mandoline: Disable slimming paint
[chromium-blink-merge.git] / remoting / protocol / third_party_client_authenticator.h
blob53dcde8a3d0f05376c4765b57a65a5f3320e52d2
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef REMOTING_PROTOCOL_THIRD_PARTY_CLIENT_AUTHENTICATOR_H_
6 #define REMOTING_PROTOCOL_THIRD_PARTY_CLIENT_AUTHENTICATOR_H_
8 #include <string>
10 #include "base/callback.h"
11 #include "base/memory/scoped_ptr.h"
12 #include "base/memory/weak_ptr.h"
13 #include "remoting/protocol/third_party_authenticator_base.h"
14 #include "url/gurl.h"
16 class GURL;
18 namespace remoting {
19 namespace protocol {
21 // Implements the client side of the third party authentication mechanism.
22 // The client authenticator expects a |token_url| and |scope| in the first
23 // message from the host, then calls the |TokenFetcher| asynchronously to
24 // request a |token| and |shared_secret| from that url. If the server requires
25 // interactive authentication, the |TokenFetcher| implementation will show the
26 // appropriate UI. Once the |TokenFetcher| returns, the client sends the |token|
27 // to the host, and uses the |shared_secret| to create an underlying
28 // |V2Authenticator|, which is used to establish the encrypted connection.
29 class ThirdPartyClientAuthenticator : public ThirdPartyAuthenticatorBase {
30 public:
31 class TokenFetcher {
32 public:
33 // Callback passed to |FetchThirdPartyToken|, and called once the client
34 // authentication finishes. |token| is an opaque string that should be sent
35 // directly to the host. |shared_secret| should be used by the client to
36 // create a V2Authenticator. In case of failure, the callback is called with
37 // an empty |token| and |shared_secret|.
38 typedef base::Callback<void(
39 const std::string& token,
40 const std::string& shared_secret)> TokenFetchedCallback;
42 virtual ~TokenFetcher() {}
44 // Fetches a third party token from |token_url|. |host_public_key| is sent
45 // to the server so it can later authenticate the host. |scope| is a string
46 // with a space-separated list of attributes for this connection (e.g.
47 // "hostjid:abc@example.com/123 clientjid:def@example.org/456".
48 // |token_fetched_callback| is called when the client authentication ends,
49 // in the same thread |FetchThirdPartyToken| was originally called.
50 // The request is canceled if the TokenFetcher is destroyed.
51 virtual void FetchThirdPartyToken(
52 const GURL& token_url,
53 const std::string& scope,
54 const TokenFetchedCallback& token_fetched_callback) = 0;
57 // Creates a third-party client authenticator for the host with the given
58 // |host_public_key|. |token_fetcher| is used to get the authentication token.
59 explicit ThirdPartyClientAuthenticator(
60 scoped_ptr<TokenFetcher> token_fetcher);
61 ~ThirdPartyClientAuthenticator() override;
63 protected:
64 // ThirdPartyAuthenticator implementation.
65 void ProcessTokenMessage(const buzz::XmlElement* message,
66 const base::Closure& resume_callback) override;
67 void AddTokenElements(buzz::XmlElement* message) override;
69 private:
70 void OnThirdPartyTokenFetched(const base::Closure& resume_callback,
71 const std::string& third_party_token,
72 const std::string& shared_secret);
74 std::string token_;
75 scoped_ptr<TokenFetcher> token_fetcher_;
77 DISALLOW_COPY_AND_ASSIGN(ThirdPartyClientAuthenticator);
81 } // namespace protocol
82 } // namespace remoting
84 #endif // REMOTING_PROTOCOL_THIRD_PARTY_CLIENT_AUTHENTICATOR_H_