1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "remoting/host/third_party_auth_config.h"
7 #include "base/logging.h"
8 #include "base/values.h"
9 #include "policy/policy_constants.h"
15 bool ParseUrlPolicy(const std::string
& str
, GURL
* out
) {
22 if (!gurl
.is_valid()) {
23 LOG(ERROR
) << "Not a valid URL: " << str
;
26 // We validate https-vs-http only on Release builds to help with manual testing.
28 if (!gurl
.SchemeIsSecure()) {
29 LOG(ERROR
) << "Not a secure URL: " << str
;
40 bool ThirdPartyAuthConfig::ParseStrings(
41 const std::string
& token_url
,
42 const std::string
& token_validation_url
,
43 const std::string
& token_validation_cert_issuer
,
44 ThirdPartyAuthConfig
* result
) {
45 ThirdPartyAuthConfig tmp
;
47 // Extract raw values for the 3 individual fields.
48 bool urls_valid
= true;
49 urls_valid
&= ParseUrlPolicy(token_url
, &tmp
.token_url
);
50 urls_valid
&= ParseUrlPolicy(token_validation_url
, &tmp
.token_validation_url
);
54 tmp
.token_validation_cert_issuer
= token_validation_cert_issuer
;
56 // Validate inter-dependencies between the 3 fields.
57 if (tmp
.token_url
.is_empty() ^ tmp
.token_validation_url
.is_empty()) {
58 LOG(ERROR
) << "TokenUrl and TokenValidationUrl "
59 << "have to be specified together.";
62 if (!tmp
.token_validation_cert_issuer
.empty() && tmp
.token_url
.is_empty()) {
63 LOG(ERROR
) << "TokenValidationCertificateIssuer cannot be used "
64 << "without TokenUrl and TokenValidationUrl.";
74 void ExtractHelper(const base::DictionaryValue
& policy_dict
,
75 const std::string
& policy_name
,
77 std::string
* policy_value
) {
78 if (policy_dict
.GetString(policy_name
, policy_value
)) {
79 *policy_present
= true;
81 policy_value
->clear();
87 bool ThirdPartyAuthConfig::ExtractStrings(
88 const base::DictionaryValue
& policy_dict
,
89 std::string
* token_url
,
90 std::string
* token_validation_url
,
91 std::string
* token_validation_cert_issuer
) {
92 bool policies_present
= false;
93 ExtractHelper(policy_dict
, policy::key::kRemoteAccessHostTokenUrl
,
94 &policies_present
, token_url
);
95 ExtractHelper(policy_dict
, policy::key::kRemoteAccessHostTokenValidationUrl
,
96 &policies_present
, token_validation_url
);
97 ExtractHelper(policy_dict
,
98 policy::key::kRemoteAccessHostTokenValidationCertificateIssuer
,
99 &policies_present
, token_validation_cert_issuer
);
100 return policies_present
;
103 ThirdPartyAuthConfig::ParseStatus
ThirdPartyAuthConfig::Parse(
104 const base::DictionaryValue
& policy_dict
,
105 ThirdPartyAuthConfig
* result
) {
106 // Extract 3 individial policy values.
107 std::string token_url
;
108 std::string token_validation_url
;
109 std::string token_validation_cert_issuer
;
110 if (!ThirdPartyAuthConfig::ExtractStrings(policy_dict
, &token_url
,
111 &token_validation_url
,
112 &token_validation_cert_issuer
)) {
116 // Parse the policy value.
117 if (!ThirdPartyAuthConfig::ParseStrings(token_url
, token_validation_url
,
118 token_validation_cert_issuer
,
120 return InvalidPolicy
;
123 return ParsingSuccess
;
126 std::ostream
& operator<<(std::ostream
& os
, const ThirdPartyAuthConfig
& cfg
) {
128 os
<< "<no 3rd party auth config specified>";
130 os
<< "TokenUrl = <" << cfg
.token_url
<< ">, ";
131 os
<< "TokenValidationUrl = <" << cfg
.token_validation_url
<< ">, ";
132 os
<< "TokenValidationCertificateIssuer = <"
133 << cfg
.token_validation_cert_issuer
<< ">";
138 } // namespace remoting