1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
7 /** @suppress {duplicate} */
8 var remoting = remoting || {};
11 * XmppLoginHandler handles authentication handshake for XmppConnection. It
12 * receives incoming data using onDataReceived(), calls |sendMessageCallback|
13 * to send outgoing messages and calls |onHandshakeDoneCallback| after
14 * authentication is finished successfully or |onErrorCallback| on error.
16 * See RFC3920 for description of XMPP and authentication handshake.
18 * @param {string} server Domain name of the server we are connecting to.
19 * @param {string} username Username.
20 * @param {string} authToken OAuth2 token.
21 * @param {boolean} needHandshakeBeforeTls Set to true when <starttls> handshake
22 * is required before starting TLS. Otherwise TLS can be started right away.
23 * @param {function(string):void} sendMessageCallback Callback to call to send
25 * @param {function():void} startTlsCallback Callback to call to start TLS on
26 * the underlying socket.
27 * @param {function(string, remoting.XmppStreamParser):void}
28 * onHandshakeDoneCallback Callback to call after authentication is
29 * completed successfully
30 * @param {function(remoting.Error, string):void} onErrorCallback Callback to
31 * call on error. Can be called at any point during lifetime of connection.
34 remoting.XmppLoginHandler = function(server,
37 needHandshakeBeforeTls,
40 onHandshakeDoneCallback,
43 this.server_ = server;
45 this.username_ = username;
47 this.authToken_ = authToken;
49 this.needHandshakeBeforeTls_ = needHandshakeBeforeTls;
51 this.sendMessageCallback_ = sendMessageCallback;
53 this.startTlsCallback_ = startTlsCallback;
55 this.onHandshakeDoneCallback_ = onHandshakeDoneCallback;
57 this.onErrorCallback_ = onErrorCallback;
60 this.state_ = remoting.XmppLoginHandler.State.INIT;
64 /** @type {remoting.XmppStreamParser} @private */
65 this.streamParser_ = null;
68 /** @return {function(string, remoting.XmppStreamParser):void} */
69 remoting.XmppLoginHandler.prototype.getHandshakeDoneCallbackForTesting =
71 return this.onHandshakeDoneCallback_;
75 * States the handshake goes through. States are iterated from INIT to DONE
76 * sequentially, except for ERROR state which may be accepted at any point.
78 * Following messages are sent/received in each state:
80 * client -> server: Stream header
81 * client -> server: <starttls>
83 * client <- server: Stream header with list of supported features which
84 * should include starttls.
85 * WAIT_STARTTLS_RESPONSE
86 * client <- server: <proceed>
89 * client -> server: Stream header
90 * client -> server: <auth> message with the OAuth2 token.
91 * WAIT_STREAM_HEADER_AFTER_TLS
92 * client <- server: Stream header with list of supported authentication
93 * methods which is expected to include X-OAUTH2
95 * client <- server: <success> or <failure>
96 * client -> server: Stream header
97 * client -> server: <bind>
98 * client -> server: <iq><session/></iq> to start the session
99 * WAIT_STREAM_HEADER_AFTER_AUTH
100 * client <- server: Stream header with list of features that should
103 * client <- server: <bind> result with JID.
104 * WAIT_SESSION_IQ_RESULT
105 * client <- server: result for <iq><session/></iq>
110 remoting.XmppLoginHandler.State = {
112 WAIT_STREAM_HEADER: 1,
113 WAIT_STARTTLS_RESPONSE: 2,
115 WAIT_STREAM_HEADER_AFTER_TLS: 4,
117 WAIT_STREAM_HEADER_AFTER_AUTH: 6,
119 WAIT_SESSION_IQ_RESULT: 8,
124 remoting.XmppLoginHandler.prototype.start = function() {
125 if (this.needHandshakeBeforeTls_) {
126 this.state_ = remoting.XmppLoginHandler.State.WAIT_STREAM_HEADER;
127 this.startStream_('<starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>');
129 // If <starttls> handshake is not required then start TLS right away.
130 this.state_ = remoting.XmppLoginHandler.State.STARTING_TLS;
131 this.startTlsCallback_();
135 /** @param {ArrayBuffer} data */
136 remoting.XmppLoginHandler.prototype.onDataReceived = function(data) {
137 base.debug.assert(this.state_ != remoting.XmppLoginHandler.State.INIT &&
138 this.state_ != remoting.XmppLoginHandler.State.DONE &&
139 this.state_ != remoting.XmppLoginHandler.State.ERROR);
141 this.streamParser_.appendData(data);
145 * @param {Element} stanza
148 remoting.XmppLoginHandler.prototype.onStanza_ = function(stanza) {
149 switch (this.state_) {
150 case remoting.XmppLoginHandler.State.WAIT_STREAM_HEADER:
151 if (stanza.querySelector('features>starttls')) {
152 this.state_ = remoting.XmppLoginHandler.State.WAIT_STARTTLS_RESPONSE;
154 this.onError_(remoting.Error.UNEXPECTED, "Server doesn't support TLS.");
158 case remoting.XmppLoginHandler.State.WAIT_STARTTLS_RESPONSE:
159 if (stanza.localName == "proceed") {
160 this.state_ = remoting.XmppLoginHandler.State.STARTING_TLS;
161 this.startTlsCallback_();
163 this.onError_(remoting.Error.UNEXPECTED,
164 "Failed to start TLS: " +
165 (new XMLSerializer().serializeToString(stanza)));
169 case remoting.XmppLoginHandler.State.WAIT_STREAM_HEADER_AFTER_TLS:
170 var mechanisms = Array.prototype.map.call(
171 stanza.querySelectorAll('features>mechanisms>mechanism'),
172 /** @param {Element} m */
173 function(m) { return m.textContent; });
174 if (mechanisms.indexOf("X-OAUTH2")) {
175 this.onError_(remoting.Error.UNEXPECTED,
176 "OAuth2 is not supported by the server.");
180 this.state_ = remoting.XmppLoginHandler.State.WAIT_AUTH_RESULT;
184 case remoting.XmppLoginHandler.State.WAIT_AUTH_RESULT:
185 if (stanza.localName == 'success') {
187 remoting.XmppLoginHandler.State.WAIT_STREAM_HEADER_AFTER_AUTH;
189 '<iq type="set" id="0">' +
190 '<bind xmlns="urn:ietf:params:xml:ns:xmpp-bind">' +
191 '<resource>chromoting</resource>'+
194 '<iq type="set" id="1">' +
195 '<session xmlns="urn:ietf:params:xml:ns:xmpp-session"/>' +
198 this.onError_(remoting.Error.AUTHENTICATION_FAILED,
199 'Failed to authenticate: ' +
200 (new XMLSerializer().serializeToString(stanza)));
204 case remoting.XmppLoginHandler.State.WAIT_STREAM_HEADER_AFTER_AUTH:
205 if (stanza.querySelector('features>bind')) {
206 this.state_ = remoting.XmppLoginHandler.State.WAIT_BIND_RESULT;
208 this.onError_(remoting.Error.UNEXPECTED,
209 "Server doesn't support bind after authentication.");
213 case remoting.XmppLoginHandler.State.WAIT_BIND_RESULT:
214 var jidElement = stanza.querySelector('iq>bind>jid');
215 if (stanza.getAttribute('id') != '0' ||
216 stanza.getAttribute('type') != 'result' || !jidElement) {
217 this.onError_(remoting.Error.UNEXPECTED,
218 'Received unexpected response to bind: ' +
219 (new XMLSerializer().serializeToString(stanza)));
222 this.jid_ = jidElement.textContent;
223 this.state_ = remoting.XmppLoginHandler.State.WAIT_SESSION_IQ_RESULT;
226 case remoting.XmppLoginHandler.State.WAIT_SESSION_IQ_RESULT:
227 if (stanza.getAttribute('id') != '1' ||
228 stanza.getAttribute('type') != 'result') {
229 this.onError_(remoting.Error.UNEXPECTED,
230 'Failed to start session: ' +
231 (new XMLSerializer().serializeToString(stanza)));
234 this.state_ = remoting.XmppLoginHandler.State.DONE;
235 this.onHandshakeDoneCallback_(this.jid_, this.streamParser_);
239 base.debug.assert(false);
244 remoting.XmppLoginHandler.prototype.onTlsStarted = function() {
245 base.debug.assert(this.state_ ==
246 remoting.XmppLoginHandler.State.STARTING_TLS);
247 this.state_ = remoting.XmppLoginHandler.State.WAIT_STREAM_HEADER_AFTER_TLS;
248 var cookie = window.btoa("\0" + this.username_ + "\0" + this.authToken_);
251 '<auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" ' +
252 'mechanism="X-OAUTH2" auth:service="oauth2" ' +
253 'auth:allow-generated-jid="true" ' +
254 'auth:client-uses-full-bind-result="true" ' +
255 'auth:allow-non-google-login="true" ' +
256 'xmlns:auth="http://www.google.com/talk/protocol/auth">' +
262 * @param {string} text
265 remoting.XmppLoginHandler.prototype.onParserError_ = function(text) {
266 this.onError_(remoting.Error.UNEXPECTED, text);
270 * @param {string} firstMessage Message to send after stream header.
273 remoting.XmppLoginHandler.prototype.startStream_ = function(firstMessage) {
274 this.sendMessageCallback_('<stream:stream to="' + this.server_ +
275 '" version="1.0" xmlns="jabber:client" ' +
276 'xmlns:stream="http://etherx.jabber.org/streams">' +
278 this.streamParser_ = new remoting.XmppStreamParser();
279 this.streamParser_.setCallbacks(this.onStanza_.bind(this),
280 this.onParserError_.bind(this));
284 * @param {remoting.Error} error
285 * @param {string} text
288 remoting.XmppLoginHandler.prototype.onError_ = function(error, text) {
289 if (this.state_ != remoting.XmppLoginHandler.State.ERROR) {
290 this.onErrorCallback_(error, text);
291 this.state_ = remoting.XmppLoginHandler.State.ERROR;