diff options
Diffstat (limited to 'remoting/host/setup/native_messaging_host.cc')
-rw-r--r-- | remoting/host/setup/native_messaging_host.cc | 68 |
1 files changed, 67 insertions, 1 deletions
diff --git a/remoting/host/setup/native_messaging_host.cc b/remoting/host/setup/native_messaging_host.cc index 7bf6b7c150..0492736c61 100644 --- a/remoting/host/setup/native_messaging_host.cc +++ b/remoting/host/setup/native_messaging_host.cc @@ -15,12 +15,16 @@ #include "base/run_loop.h" #include "base/strings/stringize_macros.h" #include "base/values.h" +#include "google_apis/gaia/gaia_oauth_client.h" +#include "google_apis/google_api_keys.h" #include "net/base/net_util.h" +#include "net/url_request/url_fetcher.h" #include "remoting/base/rsa_key_pair.h" +#include "remoting/base/url_request_context.h" #include "remoting/host/host_exit_codes.h" #include "remoting/host/pairing_registry_delegate.h" -#include "remoting/host/pairing_registry_delegate.h" #include "remoting/host/pin_hash.h" +#include "remoting/host/setup/oauth_client.h" #include "remoting/protocol/pairing_registry.h" #if defined(OS_POSIX) @@ -32,8 +36,13 @@ namespace { // Features supported in addition to the base protocol. const char* kSupportedFeatures[] = { "pairingRegistry", + "oauthClient" }; +// redirect_uri to use when authenticating service accounts (service account +// codes are obtained "out-of-band", i.e., not through an OAuth redirect). +const char* kServiceAccountRedirectUri = "oob"; + // Helper to extract the "config" part of a message as a DictionaryValue. // Returns NULL on failure, and logs an error message. scoped_ptr<base::DictionaryValue> ConfigDictionaryFromMessage( @@ -55,6 +64,7 @@ namespace remoting { NativeMessagingHost::NativeMessagingHost( scoped_ptr<DaemonController> daemon_controller, scoped_refptr<protocol::PairingRegistry> pairing_registry, + scoped_ptr<OAuthClient> oauth_client, base::PlatformFile input, base::PlatformFile output, scoped_refptr<base::SingleThreadTaskRunner> caller_task_runner, @@ -65,6 +75,7 @@ NativeMessagingHost::NativeMessagingHost( native_messaging_writer_(output), daemon_controller_(daemon_controller.Pass()), pairing_registry_(pairing_registry), + oauth_client_(oauth_client.Pass()), weak_factory_(this) { weak_ptr_ = weak_factory_.GetWeakPtr(); } @@ -145,6 +156,11 @@ void NativeMessagingHost::ProcessMessage(scoped_ptr<base::Value> message) { success = ProcessStopDaemon(*message_dict, response_dict.Pass()); } else if (type == "getDaemonState") { success = ProcessGetDaemonState(*message_dict, response_dict.Pass()); + } else if (type == "getHostClientId") { + success = ProcessGetHostClientId(*message_dict, response_dict.Pass()); + } else if (type == "getCredentialsFromAuthCode") { + success = ProcessGetCredentialsFromAuthCode( + *message_dict, response_dict.Pass()); } else { LOG(ERROR) << "Unsupported request type: " << type; } @@ -347,6 +363,38 @@ bool NativeMessagingHost::ProcessGetDaemonState( return true; } +bool NativeMessagingHost::ProcessGetHostClientId( + const base::DictionaryValue& message, + scoped_ptr<base::DictionaryValue> response) { + response->SetString("clientId", google_apis::GetOAuth2ClientID( + google_apis::CLIENT_REMOTING_HOST)); + SendResponse(response.Pass()); + return true; +} + +bool NativeMessagingHost::ProcessGetCredentialsFromAuthCode( + const base::DictionaryValue& message, + scoped_ptr<base::DictionaryValue> response) { + std::string auth_code; + if (!message.GetString("authorizationCode", &auth_code)) { + LOG(ERROR) << "'authorizationCode' string not found."; + return false; + } + + gaia::OAuthClientInfo oauth_client_info = { + google_apis::GetOAuth2ClientID(google_apis::CLIENT_REMOTING_HOST), + google_apis::GetOAuth2ClientSecret(google_apis::CLIENT_REMOTING_HOST), + kServiceAccountRedirectUri + }; + + oauth_client_->GetCredentialsFromAuthCode( + oauth_client_info, auth_code, base::Bind( + &NativeMessagingHost::SendCredentialsResponse, weak_ptr_, + base::Passed(&response))); + + return true; +} + void NativeMessagingHost::SendResponse( scoped_ptr<base::DictionaryValue> response) { if (!caller_task_runner_->BelongsToCurrentThread()) { @@ -415,6 +463,15 @@ void NativeMessagingHost::SendBooleanResult( SendResponse(response.Pass()); } +void NativeMessagingHost::SendCredentialsResponse( + scoped_ptr<base::DictionaryValue> response, + const std::string& user_email, + const std::string& refresh_token) { + response->SetString("userEmail", user_email); + response->SetString("refreshToken", refresh_token); + SendResponse(response.Pass()); +} + int NativeMessagingHostMain() { #if defined(OS_WIN) base::PlatformFile read_file = GetStdHandle(STD_INPUT_HANDLE); @@ -428,10 +485,19 @@ int NativeMessagingHostMain() { base::MessageLoop message_loop(base::MessageLoop::TYPE_IO); base::RunLoop run_loop; + // OAuth client (for credential requests). + scoped_refptr<net::URLRequestContextGetter> url_request_context_getter( + new remoting::URLRequestContextGetter(message_loop.message_loop_proxy())); + scoped_ptr<remoting::OAuthClient> oauth_client( + new remoting::OAuthClient(url_request_context_getter)); + + net::URLFetcher::SetIgnoreCertificateRequests(true); + scoped_refptr<protocol::PairingRegistry> pairing_registry = CreatePairingRegistry(message_loop.message_loop_proxy()); remoting::NativeMessagingHost host(remoting::DaemonController::Create(), pairing_registry, + oauth_client.Pass(), read_file, write_file, message_loop.message_loop_proxy(), run_loop.QuitClosure()); |