| Vitaly Buka | 4615e0d | 2015-10-14 15:35:12 -0700 | [diff] [blame] | 1 | // Copyright 2015 The Weave Authors. All rights reserved. |
| Vitaly Buka | 7ce499f | 2015-06-09 08:04:11 -0700 | [diff] [blame] | 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| Vitaly Buka | 912b698 | 2015-07-06 11:13:03 -0700 | [diff] [blame] | 5 | #ifndef LIBWEAVE_SRC_PRIVET_SECURITY_DELEGATE_H_ |
| 6 | #define LIBWEAVE_SRC_PRIVET_SECURITY_DELEGATE_H_ |
| Vitaly Buka | 7ce499f | 2015-06-09 08:04:11 -0700 | [diff] [blame] | 7 | |
| 8 | #include <memory> |
| 9 | #include <set> |
| 10 | #include <string> |
| 11 | |
| 12 | #include <base/time/time.h> |
| Vitaly Buka | 7ce499f | 2015-06-09 08:04:11 -0700 | [diff] [blame] | 13 | |
| Stefan Sauer | 2d16dfa | 2015-09-25 17:08:35 +0200 | [diff] [blame] | 14 | #include "src/privet/privet_types.h" |
| Vitaly Buka | 7ce499f | 2015-06-09 08:04:11 -0700 | [diff] [blame] | 15 | |
| Vitaly Buka | b6f015a | 2015-07-09 14:59:23 -0700 | [diff] [blame] | 16 | namespace weave { |
| 17 | namespace privet { |
| Vitaly Buka | 7ce499f | 2015-06-09 08:04:11 -0700 | [diff] [blame] | 18 | |
| Vitaly Buka | 7ce499f | 2015-06-09 08:04:11 -0700 | [diff] [blame] | 19 | // Interface to provide Security related logic for |PrivetHandler|. |
| 20 | class SecurityDelegate { |
| 21 | public: |
| Vitaly Buka | 3bfb13d | 2015-11-24 14:46:13 -0800 | [diff] [blame] | 22 | virtual ~SecurityDelegate() {} |
| Vitaly Buka | 7ce499f | 2015-06-09 08:04:11 -0700 | [diff] [blame] | 23 | |
| 24 | // Creates access token for the given scope, user id and |time|. |
| Vitaly Buka | fd2ef68 | 2015-12-17 20:57:01 -0800 | [diff] [blame] | 25 | virtual bool CreateAccessToken(AuthType auth_type, |
| 26 | const std::string& auth_code, |
| 27 | AuthScope desired_scope, |
| 28 | std::string* access_token, |
| 29 | AuthScope* granted_scope, |
| 30 | base::TimeDelta* ttl, |
| 31 | ErrorPtr* error) = 0; |
| Vitaly Buka | 7ce499f | 2015-06-09 08:04:11 -0700 | [diff] [blame] | 32 | |
| Vitaly Buka | a0a8134 | 2015-12-17 13:42:13 -0800 | [diff] [blame] | 33 | // Validates |token| and returns scope, user id parsed from that. |
| 34 | virtual bool ParseAccessToken(const std::string& token, |
| 35 | UserInfo* user_info, |
| 36 | ErrorPtr* error) const = 0; |
| Vitaly Buka | 7ce499f | 2015-06-09 08:04:11 -0700 | [diff] [blame] | 37 | |
| 38 | // Returns list of pairing methods by device. |
| 39 | virtual std::set<PairingType> GetPairingTypes() const = 0; |
| 40 | |
| 41 | // Returns list of crypto methods supported by devices. |
| 42 | virtual std::set<CryptoType> GetCryptoTypes() const = 0; |
| 43 | |
| Vitaly Buka | ee7322f | 2015-12-18 16:54:05 -0800 | [diff] [blame] | 44 | // Returns list of auth methods supported by devices. |
| 45 | virtual std::set<AuthType> GetAuthTypes() const = 0; |
| 46 | |
| Vitaly Buka | 29bc593 | 2015-12-13 22:56:52 -0800 | [diff] [blame] | 47 | // Returns Root Client Authorization Token. |
| Vitaly Buka | 4ab5002 | 2015-12-14 22:32:24 -0800 | [diff] [blame] | 48 | virtual std::string ClaimRootClientAuthToken(ErrorPtr* error) = 0; |
| Vitaly Buka | 29bc593 | 2015-12-13 22:56:52 -0800 | [diff] [blame] | 49 | |
| 50 | // Confirms pending pending token claim or checks that token is valid for the |
| 51 | // active secret. |
| Vitaly Buka | 305ab61 | 2015-12-15 12:02:59 -0800 | [diff] [blame] | 52 | virtual bool ConfirmClientAuthToken(const std::string& token, |
| 53 | ErrorPtr* error) = 0; |
| Vitaly Buka | 29bc593 | 2015-12-13 22:56:52 -0800 | [diff] [blame] | 54 | |
| Vitaly Buka | 7ce499f | 2015-06-09 08:04:11 -0700 | [diff] [blame] | 55 | virtual bool StartPairing(PairingType mode, |
| 56 | CryptoType crypto, |
| 57 | std::string* session_id, |
| 58 | std::string* device_commitment, |
| Vitaly Buka | 0801a1f | 2015-08-14 10:03:46 -0700 | [diff] [blame] | 59 | ErrorPtr* error) = 0; |
| Vitaly Buka | 7ce499f | 2015-06-09 08:04:11 -0700 | [diff] [blame] | 60 | |
| 61 | virtual bool ConfirmPairing(const std::string& session_id, |
| 62 | const std::string& client_commitment, |
| 63 | std::string* fingerprint, |
| 64 | std::string* signature, |
| Vitaly Buka | 0801a1f | 2015-08-14 10:03:46 -0700 | [diff] [blame] | 65 | ErrorPtr* error) = 0; |
| Vitaly Buka | 7ce499f | 2015-06-09 08:04:11 -0700 | [diff] [blame] | 66 | |
| 67 | virtual bool CancelPairing(const std::string& session_id, |
| Vitaly Buka | 0801a1f | 2015-08-14 10:03:46 -0700 | [diff] [blame] | 68 | ErrorPtr* error) = 0; |
| Vitaly Buka | 483d597 | 2015-12-16 13:45:35 -0800 | [diff] [blame] | 69 | |
| 70 | virtual std::string CreateSessionId() = 0; |
| Vitaly Buka | 7ce499f | 2015-06-09 08:04:11 -0700 | [diff] [blame] | 71 | }; |
| 72 | |
| Vitaly Buka | b6f015a | 2015-07-09 14:59:23 -0700 | [diff] [blame] | 73 | } // namespace privet |
| 74 | } // namespace weave |
| Vitaly Buka | 7ce499f | 2015-06-09 08:04:11 -0700 | [diff] [blame] | 75 | |
| Vitaly Buka | 912b698 | 2015-07-06 11:13:03 -0700 | [diff] [blame] | 76 | #endif // LIBWEAVE_SRC_PRIVET_SECURITY_DELEGATE_H_ |
