proxygen
TokenBindingClientExtension.cpp
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2018-present, Facebook, Inc.
3  * All rights reserved.
4  *
5  * This source code is licensed under the BSD-style license found in the
6  * LICENSE file in the root directory of this source tree.
7  */
8 
9 #include <fizz/extensions/tokenbinding/TokenBindingClientExtension.h>
10 
11 namespace fizz {
12 namespace extensions {
13 
14 std::vector<Extension> TokenBindingClientExtension::getClientHelloExtensions()
15  const {
16  std::vector<Extension> clientExtensions;
17  if (context_->getSupportedVersions().empty() ||
18  context_->getKeyParams().empty()) {
19  return clientExtensions;
20  }
21  TokenBindingParameters clientParams;
22  clientParams.version = context_->getSupportedVersions().front();
23  clientParams.key_parameters_list = context_->getKeyParams();
24  clientExtensions.push_back(encodeExtension(clientParams));
25  return clientExtensions;
26 }
27 
28 void TokenBindingClientExtension::onEncryptedExtensions(
29  const std::vector<Extension>& extensions) {
30  auto serverParams = getExtension<TokenBindingParameters>(extensions);
31  if (!serverParams.hasValue()) {
32  VLOG(6) << "Server did not negotiate token binding";
33  return;
34  }
35  if (serverParams->key_parameters_list.size() != 1) {
36  throw FizzException(
37  "Incorrect number of key_parameters sent by server",
38  AlertDescription::unsupported_extension);
39  }
40  if (serverParams->version > context_->getSupportedVersions().front()) {
41  throw FizzException(
42  "Server sent higher tokbind version",
43  AlertDescription::unsupported_extension);
44  }
45 
46  auto keyParam = std::find(
47  context_->getKeyParams().begin(),
48  context_->getKeyParams().end(),
49  serverParams->key_parameters_list.front());
50  if (keyParam == context_->getKeyParams().end()) {
51  throw FizzException(
52  "Unsupported key parameter sent by server",
53  AlertDescription::unsupported_extension);
54  }
55 
56  auto version = std::find(
57  context_->getSupportedVersions().begin(),
58  context_->getSupportedVersions().end(),
59  serverParams->version);
60  if (version == context_->getSupportedVersions().end()) {
61  VLOG(6) << "Server sent lower, unsupported, token binding version";
62  return;
63  }
64  negotiatedVersion_ = *version;
65  negotiatedKeyParam_ = *keyParam;
66 }
67 } // namespace extensions
68 } // namespace fizz
fizz::extensions::TokenBindingClientExtension::getClientHelloExtensions
std::vector< Extension > getClientHelloExtensions() const override
Definition: TokenBindingClientExtension.cpp:14
version
ProtocolVersion version
Definition: ClientProtocol.cpp:1005
fizz::extensions::TokenBindingParameters::version
TokenBindingProtocolVersion version
Definition: Types.h:42
fizz::extensions::TokenBindingClientExtension::negotiatedKeyParam_
folly::Optional< TokenBindingKeyParameters > negotiatedKeyParam_
Definition: TokenBindingClientExtension.h:39
fizz
Definition: Actions.h:16
fizz::extensions::TokenBindingClientExtension::negotiatedVersion_
folly::Optional< TokenBindingProtocolVersion > negotiatedVersion_
Definition: TokenBindingClientExtension.h:38
fizz::extensions::TokenBindingClientExtension::onEncryptedExtensions
void onEncryptedExtensions(const std::vector< Extension > &extensions) override
Definition: TokenBindingClientExtension.cpp:28
fizz::extensions::TokenBindingParameters::key_parameters_list
std::vector< TokenBindingKeyParameters > key_parameters_list
Definition: Types.h:43
fizz::extensions::TokenBindingClientExtension::context_
std::shared_ptr< TokenBindingContext > context_
Definition: TokenBindingClientExtension.h:40
fizz::encodeExtension
Extension encodeExtension(const TokenBindingParameters &params)
Definition: Types.cpp:113