Home | History | Annotate | Download | only in login 
      1 /*
      2  * libjingle
      3  * Copyright 2004--2005, Google Inc.
      4  *
      5  * Redistribution and use in source and binary forms, with or without
      6  * modification, are permitted provided that the following conditions are met:
      7  *
      8  *  1. Redistributions of source code must retain the above copyright notice,
      9  *     this list of conditions and the following disclaimer.
     10  *  2. Redistributions in binary form must reproduce the above copyright notice,
     11  *     this list of conditions and the following disclaimer in the documentation
     12  *     and/or other materials provided with the distribution.
     13  *  3. The name of the author may not be used to endorse or promote products
     14  *     derived from this software without specific prior written permission.
     15  *
     16  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
     17  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
     18  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
     19  * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
     20  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
     21  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
     22  * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
     23  * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
     24  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
     25  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
     26  */
     27 
     28 #include "talk/examples/login/xmppauth.h"
     29 
     30 #include <algorithm>
     31 
     32 #include "talk/xmpp/saslcookiemechanism.h"
     33 #include "talk/xmpp/saslplainmechanism.h"
     34 
     35 XmppAuth::XmppAuth() : done_(false) {
     36 }
     37 
     38 XmppAuth::~XmppAuth() {
     39 }
     40 
     41 void XmppAuth::StartPreXmppAuth(const buzz::Jid & jid,
     42                                 const talk_base::SocketAddress & server,
     43                                 const talk_base::CryptString & pass,
     44                                 const std::string & auth_cookie) {
     45   jid_ = jid;
     46   passwd_ = pass;
     47   auth_cookie_ = auth_cookie;
     48   done_ = true;
     49 
     50   SignalAuthDone();
     51 }
     52 
     53 std::string XmppAuth::ChooseBestSaslMechanism(
     54     const std::vector<std::string> & mechanisms,
     55     bool encrypted) {
     56   std::vector<std::string>::const_iterator it;
     57 
     58   // a token is the weakest auth - 15s, service-limited, so prefer it.
     59   it = std::find(mechanisms.begin(), mechanisms.end(), "X-GOOGLE-TOKEN");
     60   if (it != mechanisms.end() && !auth_cookie_.empty())
     61     return "X-GOOGLE-TOKEN";
     62 
     63   // a cookie is the next weakest - 14 days
     64   it = std::find(mechanisms.begin(), mechanisms.end(), "X-GOOGLE-COOKIE");
     65   if (it != mechanisms.end() && !auth_cookie_.empty())
     66     return "X-GOOGLE-COOKIE";
     67 
     68     it = std::find(mechanisms.begin(), mechanisms.end(), "PLAIN");
     69     if (it != mechanisms.end())
     70       return "PLAIN";
     71 
     72   // No good mechanism found
     73  return "";
     74 }
     75 
     76 buzz::SaslMechanism* XmppAuth::CreateSaslMechanism(
     77     const std::string & mechanism) {
     78   if (mechanism == "X-GOOGLE-TOKEN") {
     79     return new buzz::SaslCookieMechanism(mechanism, jid_.Str(), auth_cookie_);
     80   //} else if (mechanism == "X-GOOGLE-COOKIE") {
     81   //  return new buzz::SaslCookieMechanism(mechanism, jid.Str(), sid_);
     82   } else if (mechanism == "PLAIN") {
     83     return new buzz::SaslPlainMechanism(jid_, passwd_);
     84   } else {
     85     return NULL;
     86   }
     87 }
     88