token_file_manager.h - chromiumos/platform/chaps - Git at Google

 // Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 // A token manager provides a set of methods for login agents to create and
 // validate token storage.

 #ifndef CHAPS_TOKEN_FILE_MANAGER_H_
 #define CHAPS_TOKEN_FILE_MANAGER_H_

 #include <string>

 #include <base/file_path.h>
 #include <chromeos/secure_blob.h>

 namespace chaps {

 class TokenFileManager {
  public:
   TokenFileManager(uid_t chapsd_uid, gid_t chapsd_gid);
   virtual ~TokenFileManager();

   // Returns true if the user's token exists at the expected location, and
   // returns this location.
   //  user: Name of the user.
   //  token_path: Set to the expected location of the user's token, regardless
   //              of whether the token exists already.
   virtual bool GetUserTokenPath(const std::string& user,
                                 base::FilePath* token_path);

   // Creates a token directory at the given path with the correct
   // permissions, returning true on success.
   //  token_path: The location of the token.
   virtual bool CreateUserTokenDirectory(const base::FilePath& token_path);

   // Checks the permissions of the token directory path, returning true if
   // they are valid.
   //  token_path: The location of the token.
   virtual bool CheckUserTokenPermissions(const base::FilePath& token_path);

   // Salts the authorization data using the token's stored salt value.
   //  token_path: The location of the token.
   //  auth_data: The authorization data to salt.
   //  salted_auth_data: Returns the salted authorization data.
   virtual bool SaltAuthData(const base::FilePath& token_path,
                             const chromeos::SecureBlob& auth_data,
                             chromeos::SecureBlob* salted_auth_data);

  private:
   DISALLOW_COPY_AND_ASSIGN(TokenFileManager);

   uid_t chapsd_uid_;
   gid_t chapsd_gid_;
 };

 }  // namespace chaps

 #endif  // CHAPS_TOKEN_FILE_MANAGER_H_
	// Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	// A token manager provides a set of methods for login agents to create and
	// validate token storage.

	#ifndef CHAPS_TOKEN_FILE_MANAGER_H_
	#define CHAPS_TOKEN_FILE_MANAGER_H_

	#include <string>

	#include <base/file_path.h>
	#include <chromeos/secure_blob.h>

	namespace chaps {

	class TokenFileManager {
	public:
	TokenFileManager(uid_t chapsd_uid, gid_t chapsd_gid);
	virtual ~TokenFileManager();

	// Returns true if the user's token exists at the expected location, and
	// returns this location.
	// user: Name of the user.
	// token_path: Set to the expected location of the user's token, regardless
	// of whether the token exists already.
	virtual bool GetUserTokenPath(const std::string& user,
	base::FilePath* token_path);

	// Creates a token directory at the given path with the correct
	// permissions, returning true on success.
	// token_path: The location of the token.
	virtual bool CreateUserTokenDirectory(const base::FilePath& token_path);

	// Checks the permissions of the token directory path, returning true if
	// they are valid.
	// token_path: The location of the token.
	virtual bool CheckUserTokenPermissions(const base::FilePath& token_path);

	// Salts the authorization data using the token's stored salt value.
	// token_path: The location of the token.
	// auth_data: The authorization data to salt.
	// salted_auth_data: Returns the salted authorization data.
	virtual bool SaltAuthData(const base::FilePath& token_path,
	const chromeos::SecureBlob& auth_data,
	chromeos::SecureBlob* salted_auth_data);

	private:
	DISALLOW_COPY_AND_ASSIGN(TokenFileManager);

	uid_t chapsd_uid_;
	gid_t chapsd_gid_;
	};

	} // namespace chaps

	#endif // CHAPS_TOKEN_FILE_MANAGER_H_