      1 // Copyright 2015 The Weave Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef LIBWEAVE_SRC_PRIVET_SECURITY_DELEGATE_H_
      6 #define LIBWEAVE_SRC_PRIVET_SECURITY_DELEGATE_H_
      7 
      8 #include <memory>
      9 #include <set>
     10 #include <string>
     11 
     12 #include <base/time/time.h>
     13 
     14 #include "src/privet/privet_types.h"
     15 
     16 namespace weave {
     17 namespace privet {
     18 
// Abstract interface through which |PrivetHandler| obtains its security
// logic: access tokens, pairing sessions and the root client authorization
// token. Every method except the destructor is pure virtual, so all behaviour
// lives in the implementing class.
//
// NOTE(review): the bool-returning methods all take an |error| out-parameter,
// which suggests "false with |*error| populated" on failure -- confirm against
// the implementation. Callers should only consume the other out-parameters
// after the call has reported success.
class SecurityDelegate {
 public:
  virtual ~SecurityDelegate() = default;

  // Issues an access token for a client that presents |auth_code| under
  // |auth_type| and asks for |desired_scope|. Results are written to
  // |access_token|, |granted_scope| and |ttl|.
  // |granted_scope| is reported separately from |desired_scope|, so callers
  // should authorize against the granted value rather than the requested one.
  // NOTE(review): presumably |ttl| is the lifetime of the issued token --
  // confirm.
  virtual bool CreateAccessToken(AuthType auth_type,
                                 const std::string& auth_code,
                                 AuthScope desired_scope,
                                 std::string* access_token,
                                 AuthScope* granted_scope,
                                 base::TimeDelta* ttl,
                                 ErrorPtr* error) = 0;

  // Validates |token| and stores the scope and user id parsed from it in
  // |user_info|. The result must be checked before |user_info| is used for
  // any authorization decision.
  virtual bool ParseAccessToken(const std::string& token,
                                UserInfo* user_info,
                                ErrorPtr* error) const = 0;

  // Returns the set of pairing methods supported by the device.
  virtual std::set<PairingType> GetPairingTypes() const = 0;

  // Returns the set of crypto methods supported by the device.
  virtual std::set<CryptoType> GetCryptoTypes() const = 0;

  // Returns the set of auth methods supported by the device.
  virtual std::set<AuthType> GetAuthTypes() const = 0;

  // Returns the Root Client Authorization Token.
  // NOTE(review): this header does not show how failure appears in the return
  // value; callers should inspect |error| -- confirm the convention.
  virtual std::string ClaimRootClientAuthToken(ErrorPtr* error) = 0;

  // Confirms a pending token claim, or checks that |token| is valid for the
  // active secret.
  virtual bool ConfirmClientAuthToken(const std::string& token,
                                      ErrorPtr* error) = 0;

  // Starts a pairing session for the given |mode| and |crypto|, writing the
  // results to |session_id| and |device_commitment|.
  // NOTE(review): undocumented in the original; presumably |mode| and |crypto|
  // must be among the values reported by GetPairingTypes()/GetCryptoTypes() --
  // verify that the implementation rejects anything else.
  virtual bool StartPairing(PairingType mode,
                            CryptoType crypto,
                            std::string* session_id,
                            std::string* device_commitment,
                            ErrorPtr* error) = 0;

  // Completes the pairing session |session_id| using the client's
  // |client_commitment|, writing the results to |fingerprint| and |signature|.
  // NOTE(review): undocumented in the original; what |signature| covers is not
  // visible in this header -- confirm before relying on it.
  virtual bool ConfirmPairing(const std::string& session_id,
                              const std::string& client_commitment,
                              std::string* fingerprint,
                              std::string* signature,
                              ErrorPtr* error) = 0;

  // Cancels the pairing session identified by |session_id|.
  virtual bool CancelPairing(const std::string& session_id,
                             ErrorPtr* error) = 0;

  // Returns a new session id.
  // NOTE(review): uniqueness and unpredictability requirements for the id are
  // not stated in this header; confirm them against the callers.
  virtual std::string CreateSessionId() = 0;
};
     72 
     73 }  // namespace privet
     74 }  // namespace weave
     75 
     76 #endif  // LIBWEAVE_SRC_PRIVET_SECURITY_DELEGATE_H_
     77