Create HttpAuthController.

net/http/http_network_transaction.h

 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_HTTP_HTTP_NETWORK_TRANSACTION_H_
 #define NET_HTTP_HTTP_NETWORK_TRANSACTION_H_
 
 #include <string>
 
 #include "base/basictypes.h"
 #include "base/ref_counted.h"
 #include "base/scoped_ptr.h"
 #include "base/time.h"
 #include "net/base/address_list.h"
 #include "net/base/host_resolver.h"
 #include "net/base/io_buffer.h"
 #include "net/base/load_flags.h"
 #include "net/base/load_states.h"
 #include "net/base/net_log.h"
 #include "net/base/ssl_config_service.h"
 #include "net/http/http_alternate_protocols.h"
 #include "net/http/http_auth.h"
+#include "net/http/http_auth_controller.h"
 #include "net/http/http_auth_handler.h"
 #include "net/http/http_response_info.h"
 #include "net/http/http_transaction.h"
 #include "net/proxy/proxy_service.h"
 #include "net/socket/client_socket_pool.h"
 #include "testing/gtest/include/gtest/gtest_prod.h"
 
 namespace net {
 
 class ClientSocketFactory;
@@ skipping 200 matching lines @@
 
   // Clear the state used to setup the tunnel.
   void ClearTunnelState();
 
   // Returns true if we should try to add a Proxy-Authorization header
   bool ShouldApplyProxyAuth() const;
 
   // Returns true if we should try to add an Authorization header.
   bool ShouldApplyServerAuth() const;
 
-  // Adds either the proxy auth header, or the origin server auth header,
-  // as specified by |target|.
-  void AddAuthorizationHeader(
-      HttpAuth::Target target, HttpRequestHeaders* authorization_headers);
-
-  // Returns a log message for all the response headers related to the auth
-  // challenge.
-  std::string AuthChallengeLogMessage() const;
-
   // Handles HTTP status code 401 or 407.
   // HandleAuthChallenge() returns a network error code, or OK on success.
   // May update |pending_auth_target_| or |response_.auth_challenge|.
   int HandleAuthChallenge(bool establishing_tunnel);
 
-  // Populates response_.auth_challenge with the challenge information, so that
-  // URLRequestHttpJob can prompt for a username/password.
-  void PopulateAuthChallenge(HttpAuth::Target target,
-                             const GURL& auth_origin);
-
-  // Invalidates any auth cache entries after authentication has failed.
-  // The identity that was rejected is auth_identity_[target].
-  void InvalidateRejectedAuthFromCache(HttpAuth::Target target,
-                                       const GURL& auth_origin);
-
-  // Sets auth_identity_[target] to the next identity that the transaction
-  // should try. It chooses candidates by searching the auth cache
-  // and the URL for a username:password. Returns true if an identity
-  // was found.
-  bool SelectNextAuthIdentityToTry(HttpAuth::Target target,
-                                   const GURL& auth_origin);
-
-  // Searches the auth cache for an entry that encompasses the request's path.
-  // If such an entry is found, updates auth_identity_[target] and
-  // auth_handler_[target] with the cache entry's data and returns true.
-  bool SelectPreemptiveAuth(HttpAuth::Target target);
-
   bool HaveAuth(HttpAuth::Target target) const {
-    return auth_handler_[target].get() && !auth_identity_[target].invalid;
+    return auth_controllers_[target].get() &&
+         auth_controllers_[target]->HaveAuth();
   }
 
-  // Get the {scheme, host, port} for the authentication target
-  GURL AuthOrigin(HttpAuth::Target target) const;
-
-  // Same as AuthOrigin(), but will return an invalid GURL if the target is
-  // invalid.
-  GURL PossiblyInvalidAuthOrigin(HttpAuth::Target target) const;
-
-  // Get the absolute path of the resource needing authentication.
-  // For proxy authentication the path is always empty string.
-  std::string AuthPath(HttpAuth::Target target) const;
-
-  // Generate an authentication token for |target| if necessary. The return
-  // value is a net error code. |OK| will be returned both in the case that
-  // a token is correctly generated synchronously, as well as when no tokens
-  // were necessary.
-  int MaybeGenerateAuthToken(HttpAuth::Target target);
+  // Get the {scheme, host, path, port} for the authentication target
+  GURL AuthURL(HttpAuth::Target target) const;
 
   void MarkBrokenAlternateProtocolAndFallback();
 
-  // Returns a string representation of a HttpAuth::Target value that can be
-  // used in log messages.
-  static std::string AuthTargetString(HttpAuth::Target target);
-
   static bool g_ignore_certificate_errors;
 
-  // |auth_handler_| encapsulates the logic for the particular auth-scheme.
-  // This includes the challenge's parameters. If NULL, then there is no
-  // associated auth handler.
-  scoped_ptr<HttpAuthHandler> auth_handler_[HttpAuth::AUTH_NUM_TARGETS];
-
-  // |auth_identity_| holds the (username/password) that should be used by
-  // the |auth_handler_| to generate credentials. This identity can come from
-  // a number of places (url, cache, prompt).
-  HttpAuth::Identity auth_identity_[HttpAuth::AUTH_NUM_TARGETS];
-
-  // |auth_token_| contains the opaque string to pass to the proxy or
-  // server to authenticate the client.
-  std::string auth_token_[HttpAuth::AUTH_NUM_TARGETS];
+  scoped_ptr<HttpAuthController> auth_controllers_[HttpAuth::AUTH_NUM_TARGETS];
 
   // Whether this transaction is waiting for proxy auth, server auth, or is
   // not waiting for any auth at all. |pending_auth_target_| is read and
   // cleared by RestartWithAuth().
   HttpAuth::Target pending_auth_target_;
 
   CompletionCallbackImpl<HttpNetworkTransaction> io_callback_;
   CompletionCallback* user_callback_;
 
   scoped_refptr<HttpNetworkSession> session_;
@@ skipping 21 matching lines @@
   bool using_ssl_;     // True if handling a HTTPS request
 
   // True if this network transaction is using SPDY instead of HTTP.
   bool using_spdy_;
 
   AlternateProtocolMode alternate_protocol_mode_;
 
   // Only valid if |alternate_protocol_mode_| == kUsingAlternateProtocol.
   HttpAlternateProtocols::Protocol alternate_protocol_;
 
-  // True if we've used the username/password embedded in the URL.  This
-  // makes sure we use the embedded identity only once for the transaction,
-  // preventing an infinite auth restart loop.
-  bool embedded_identity_used_;
-
-  // True if default credentials have already been tried for this transaction
-  // in response to an HTTP authentication challenge.
-  bool default_credentials_used_;
-
   SSLConfig ssl_config_;
 
   std::string request_headers_;
 
   // The size in bytes of the buffer we use to drain the response body that
   // we want to throw away.  The response body is typically a small error
   // page just a few hundred bytes long.
   enum { kDrainBodyBufferSize = 1024 };
 
   // User buffer and length passed to the Read method.
@@ skipping 12 matching lines @@
   // The hostname and port of the endpoint.  This is not necessarily the one
   // specified by the URL, due to Alternate-Protocol or fixed testing ports.
   HostPortPair endpoint_;
 
   DISALLOW_COPY_AND_ASSIGN(HttpNetworkTransaction);
 };
 
 }  // namespace net
 
 #endif  // NET_HTTP_HTTP_NETWORK_TRANSACTION_H_