| Index: net/http/http_auth_controller.h
|
| diff --git a/net/http/http_auth_controller.h b/net/http/http_auth_controller.h
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..bc1395fed0432af04b3c5d688a82c3ed8d8cdd27
|
| --- /dev/null
|
| +++ b/net/http/http_auth_controller.h
|
| @@ -0,0 +1,134 @@
|
| +// Copyright (c) 2010 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#ifndef NET_HTTP_HTTP_AUTH_CONTROLLER_H_
|
| +#define NET_HTTP_HTTP_AUTH_CONTROLLER_H_
|
| +
|
| +#include <string>
|
| +
|
| +#include "base/basictypes.h"
|
| +#include "base/ref_counted.h"
|
| +#include "base/scoped_ptr.h"
|
| +#include "googleurl/src/gurl.h"
|
| +#include "net/base/completion_callback.h"
|
| +#include "net/base/net_log.h"
|
| +#include "net/http/http_auth.h"
|
| +
|
| +namespace net {
|
| +
|
| +class AuthChallengeInfo;
|
| +class HostResolver;
|
| +class HttpNetworkSession;
|
| +class HttpRequestHeaders;
|
| +struct HttpRequestInfo;
|
| +
|
| +class HttpAuthController {
|
| + public:
|
| + // The arguments are self explanatory except possibly for |auth_url|, which
|
| + // should be both the auth target and auth path in a single url argument.
|
| + HttpAuthController(HttpAuth::Target target, const GURL& auth_url,
|
| + scoped_refptr<HttpNetworkSession> session,
|
| + const BoundNetLog& net_log);
|
| +
|
| + // Generate an authentication token for |target| if necessary. The return
|
| + // value is a net error code. |OK| will be returned both in the case that
|
| + // a token is correctly generated synchronously, as well as when no tokens
|
| + // were necessary.
|
| + int MaybeGenerateAuthToken(const HttpRequestInfo* request,
|
| + CompletionCallback* callback);
|
| +
|
| + // Adds either the proxy auth header, or the origin server auth header,
|
| + // as specified by |target_|.
|
| + void AddAuthorizationHeader(HttpRequestHeaders* authorization_headers);
|
| +
|
| + // Checks for and handles HTTP status code 401 or 407.
|
| + // |HandleAuthChallenge()| returns OK on success,
|
| + // ERR_AUTH_NEEDS_CANONICAL_NAME if the handler needs the canonical name
|
| + // resolved, or a network error code. It may also populate |auth_info_|.
|
| + int HandleAuthChallenge(scoped_refptr<HttpResponseHeaders> headers,
|
| + int load_flags, bool establishing_tunnel);
|
| +
|
| + int ResolveCanonicalName(CompletionCallback* callback);
|
| +
|
| + // Store the supplied credentials and prepare to restart the auth.
|
| + void ResetAuth(const std::wstring& username, const std::wstring& password);
|
| +
|
| + bool HaveAuthHandler() const {
|
| + return handler_.get() != NULL;
|
| + }
|
| +
|
| + bool HaveAuth() const {
|
| + return handler_.get() && !identity_.invalid;
|
| + }
|
| +
|
| + scoped_refptr<AuthChallengeInfo> auth_info() {
|
| + return auth_info_;
|
| + }
|
| +
|
| + private:
|
| + // Searches the auth cache for an entry that encompasses the request's path.
|
| + // If such an entry is found, updates |identity_| and |handler_| with the
|
| + // cache entry's data and returns true.
|
| + bool SelectPreemptiveAuth();
|
| +
|
| + // Invalidates any auth cache entries after authentication has failed.
|
| + // The identity that was rejected is |identity_|.
|
| + void InvalidateRejectedAuthFromCache();
|
| +
|
| + // Sets |identity_| to the next identity that the transaction should try. It
|
| + // chooses candidates by searching the auth cache and the URL for a
|
| + // username:password. Returns true if an identity was found.
|
| + bool SelectNextAuthIdentityToTry();
|
| +
|
| + // Populates auth_info_ with the challenge information, so that
|
| + // URLRequestHttpJob can prompt for a username/password.
|
| + void PopulateAuthChallenge();
|
| +
|
| + // Indicates if this handler is for Proxy auth or Server auth.
|
| + HttpAuth::Target target_;
|
| +
|
| + // Holds the {scheme, host, path, port} for the authentication target.
|
| + const GURL auth_url_;
|
| +
|
| + // Holds the {scheme, host, port} for the authentication target.
|
| + const GURL auth_origin_;
|
| +
|
| + // The absolute path of the resource needing authentication.
|
| + // For proxy authentication the path is empty.
|
| + const std::string auth_path_;
|
| +
|
| + // |handler_| encapsulates the logic for the particular auth-scheme.
|
| + // This includes the challenge's parameters. If NULL, then there is no
|
| + // associated auth handler.
|
| + scoped_ptr<HttpAuthHandler> handler_;
|
| +
|
| + // |identity_| holds the (username/password) that should be used by
|
| + // the handler_ to generate credentials. This identity can come from
|
| + // a number of places (url, cache, prompt).
|
| + HttpAuth::Identity identity_;
|
| +
|
| + // |auth_token_| contains the opaque string to pass to the proxy or
|
| + // server to authenticate the client.
|
| + std::string auth_token_;
|
| +
|
| + // Contains information about the auth challenge.
|
| + scoped_refptr<AuthChallengeInfo> auth_info_;
|
| +
|
| + // True if we've used the username/password embedded in the URL. This
|
| + // makes sure we use the embedded identity only once for the transaction,
|
| + // preventing an infinite auth restart loop.
|
| + bool embedded_identity_used_;
|
| +
|
| + // True if default credentials have already been tried for this transaction
|
| + // in response to an HTTP authentication challenge.
|
| + bool default_credentials_used_;
|
| +
|
| + scoped_refptr<HttpNetworkSession> session_;
|
| +
|
| + BoundNetLog net_log_;
|
| +};
|
| +
|
| +} // namespace net
|
| +
|
| +#endif // NET_HTTP_HTTP_AUTH_CONTROLLER_H_
|
|
|
Chromium Code Reviews
Issue 2808020:
Create HttpAuthController. (Closed)
