OLD | NEW |
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_HTTP_HTTP_AUTH_HANDLER_H_ | 5 #ifndef NET_HTTP_HTTP_AUTH_HANDLER_H_ |
6 #define NET_HTTP_HTTP_AUTH_HANDLER_H_ | 6 #define NET_HTTP_HTTP_AUTH_HANDLER_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 | 9 |
10 #include "base/ref_counted.h" | 10 #include "base/ref_counted.h" |
11 #include "net/http/http_auth.h" | 11 #include "net/http/http_auth.h" |
12 | 12 |
13 namespace net { | 13 namespace net { |
14 | 14 |
15 class HttpRequestInfo; | 15 class HttpRequestInfo; |
16 class ProxyInfo; | 16 class ProxyInfo; |
17 | 17 |
18 // HttpAuthHandler is the interface for the authentication schemes | 18 // HttpAuthHandler is the interface for the authentication schemes |
19 // (basic, digest, ...) | 19 // (basic, digest, ...) |
20 // The registry mapping auth-schemes to implementations is hardcoded in | 20 // The registry mapping auth-schemes to implementations is hardcoded in |
21 // HttpAuth::CreateAuthHandler(). | 21 // HttpAuth::CreateAuthHandler(). |
22 class HttpAuthHandler : public base::RefCounted<HttpAuthHandler> { | 22 class HttpAuthHandler : public base::RefCounted<HttpAuthHandler> { |
23 public: | 23 public: |
24 virtual ~HttpAuthHandler() { } | 24 virtual ~HttpAuthHandler() { } |
25 | 25 |
26 // Initialize the handler by parsing a challenge string. | 26 // Initialize the handler by parsing a challenge string. |
27 bool InitFromChallenge(std::string::const_iterator begin, | 27 bool InitFromChallenge(std::string::const_iterator begin, |
28 std::string::const_iterator end, | 28 std::string::const_iterator end, |
29 HttpAuth::Target target); | 29 HttpAuth::Target target); |
30 | 30 |
31 // Lowercase name of the auth scheme | 31 // Lowercase name of the auth scheme |
32 const std::string& scheme() const { | 32 const std::string& scheme() const { |
33 return scheme_; | 33 return scheme_; |
34 } | 34 } |
35 | 35 |
36 // The realm value that was parsed during Init(). | 36 // The realm value that was parsed during Init(). |
37 const std::string& realm() const { | 37 const std::string& realm() const { |
38 return realm_; | 38 return realm_; |
39 } | 39 } |
40 | 40 |
41 // Numeric rank based on the challenge's security level. Higher | 41 // Numeric rank based on the challenge's security level. Higher |
42 // numbers are better. Used by HttpAuth::ChooseBestChallenge(). | 42 // numbers are better. Used by HttpAuth::ChooseBestChallenge(). |
43 int score() const { | 43 int score() const { |
44 return score_; | 44 return score_; |
45 } | 45 } |
46 | 46 |
47 HttpAuth::Target target() const { | 47 HttpAuth::Target target() const { |
48 return target_; | 48 return target_; |
49 } | 49 } |
50 | 50 |
| 51 // Returns true if the authentication scheme does not send the username and |
| 52 // password in the clear. |
| 53 bool encrypts_identity() const { |
| 54 return (properties_ & ENCRYPTS_IDENTITY) != 0; |
| 55 } |
| 56 |
| 57 // Returns true if the authentication scheme is connection-based, for |
| 58 // example, NTLM. A connection-based authentication scheme does not support |
| 59 // preemptive authentication, and must use the same handler object |
| 60 // throughout the life of an HTTP transaction. |
| 61 bool is_connection_based() const { |
| 62 return (properties_ & IS_CONNECTION_BASED) != 0; |
| 63 } |
| 64 |
| 65 // Returns true if the response to the current authentication challenge |
| 66 // requires an identity. |
| 67 // TODO(wtc): Find a better way to handle a multi-round challenge-response |
| 68 // sequence used by a connection-based authentication scheme. |
| 69 virtual bool NeedsIdentity() { return true; } |
| 70 |
51 // Generate the Authorization header value. | 71 // Generate the Authorization header value. |
52 virtual std::string GenerateCredentials(const std::wstring& username, | 72 virtual std::string GenerateCredentials(const std::wstring& username, |
53 const std::wstring& password, | 73 const std::wstring& password, |
54 const HttpRequestInfo* request, | 74 const HttpRequestInfo* request, |
55 const ProxyInfo* proxy) = 0; | 75 const ProxyInfo* proxy) = 0; |
56 | 76 |
57 protected: | 77 protected: |
58 // Initialize the handler by parsing a challenge string. | 78 enum Property { |
59 // Implementations are expcted to initialize the following members: | 79 ENCRYPTS_IDENTITY = 1 << 0, |
60 // score_, realm_, scheme_ | 80 IS_CONNECTION_BASED = 1 << 1, |
| 81 }; |
| 82 |
| 83 // Initialize the handler by parsing a challenge string. |
| 84 // Implementations are expcted to initialize the following members: |
| 85 // scheme_, realm_, score_, properties_ |
61 virtual bool Init(std::string::const_iterator challenge_begin, | 86 virtual bool Init(std::string::const_iterator challenge_begin, |
62 std::string::const_iterator challenge_end) = 0; | 87 std::string::const_iterator challenge_end) = 0; |
63 | 88 |
64 // The lowercase auth-scheme {"basic", "digest", "ntlm", ...} | 89 // The lowercase auth-scheme {"basic", "digest", "ntlm", ...} |
65 std::string scheme_; | 90 std::string scheme_; |
66 | 91 |
67 // The realm. | 92 // The realm. |
68 std::string realm_; | 93 std::string realm_; |
69 | 94 |
70 // The score for this challenge. Higher numbers are better. | 95 // The score for this challenge. Higher numbers are better. |
71 int score_; | 96 int score_; |
72 | 97 |
73 // Whether this authentication request is for a proxy server, or an | 98 // Whether this authentication request is for a proxy server, or an |
74 // origin server. | 99 // origin server. |
75 HttpAuth::Target target_; | 100 HttpAuth::Target target_; |
| 101 |
| 102 // A bitmask of the properties of the authentication scheme. |
| 103 int properties_; |
76 }; | 104 }; |
77 | 105 |
78 } // namespace net | 106 } // namespace net |
79 | 107 |
80 #endif // NET_HTTP_HTTP_AUTH_HANDLER_H_ | 108 #endif // NET_HTTP_HTTP_AUTH_HANDLER_H_ |
OLD | NEW |