| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef NET_HTTP_HTTP_AUTH_CONTROLLER_H_ | |
| 6 #define NET_HTTP_HTTP_AUTH_CONTROLLER_H_ | |
| 7 | |
| 8 #include <string> | |
| 9 | |
| 10 #include "base/basictypes.h" | |
| 11 #include "base/ref_counted.h" | |
| 12 #include "base/scoped_ptr.h" | |
| 13 #include "googleurl/src/gurl.h" | |
| 14 #include "net/base/completion_callback.h" | |
| 15 #include "net/base/net_log.h" | |
| 16 #include "net/http/http_auth.h" | |
| 17 | |
| 18 namespace net { | |
| 19 | |
| 20 class AuthChallengeInfo; | |
| 21 class HostResolver; | |
| 22 class HttpNetworkSession; | |
| 23 class HttpRequestHeaders; | |
| 24 struct HttpRequestInfo; | |
| 25 | |
| 26 class HttpAuthController { | |
| 27 public: | |
| 28 // The arguments are self explanatory except possibly for |auth_url|, which | |
| 29 // should be both the auth target and auth path in a single url argument. | |
| 30 HttpAuthController(HttpAuth::Target target, const GURL& auth_url, | |
| 31 scoped_refptr<HttpNetworkSession> session, | |
| 32 const BoundNetLog& net_log); | |
| 33 | |
| 34 // Generate an authentication token for |target| if necessary. The return | |
| 35 // value is a net error code. |OK| will be returned both in the case that | |
| 36 // a token is correctly generated synchronously, as well as when no tokens | |
| 37 // were necessary. | |
| 38 int MaybeGenerateAuthToken(const HttpRequestInfo* request, | |
| 39 CompletionCallback* callback); | |
| 40 | |
| 41 // Adds either the proxy auth header, or the origin server auth header, | |
| 42 // as specified by |target_|. | |
| 43 void AddAuthorizationHeader(HttpRequestHeaders* authorization_headers); | |
| 44 | |
| 45 // Checks for and handles HTTP status code 401 or 407. | |
| 46 // |HandleAuthChallenge()| returns OK on success, | |
| 47 // ERR_AUTH_NEEDS_CANONICAL_NAME if the handler needs the canonical name | |
| 48 // resolved, or a network error code. It may also populate |auth_info_|. | |
| 49 int HandleAuthChallenge(scoped_refptr<HttpResponseHeaders> headers, | |
| 50 int load_flags, bool establishing_tunnel); | |
| 51 | |
| 52 int ResolveCanonicalName(CompletionCallback* callback); | |
| 53 | |
| 54 // Store the supplied credentials and prepare to restart the auth. | |
| 55 void ResetAuth(const std::wstring& username, const std::wstring& password); | |
| 56 | |
| 57 bool HaveAuthHandler() const { | |
| 58 return handler_.get() != NULL; | |
| 59 } | |
| 60 | |
| 61 bool HaveAuth() const { | |
| 62 return handler_.get() && !identity_.invalid; | |
| 63 } | |
| 64 | |
| 65 // The caller receives ownership of the return AuthChallengeInfo. | |
| 66 AuthChallengeInfo* auth_info() { | |
| 67 return auth_info_.release(); | |
| 68 } | |
| 69 | |
| 70 private: | |
| 71 // Searches the auth cache for an entry that encompasses the request's path. | |
| 72 // If such an entry is found, updates |identity_| and |handler_| with the | |
| 73 // cache entry's data and returns true. | |
| 74 bool SelectPreemptiveAuth(); | |
| 75 | |
| 76 // Invalidates any auth cache entries after authentication has failed. | |
| 77 // The identity that was rejected is |identity_|. | |
| 78 void InvalidateRejectedAuthFromCache(); | |
| 79 | |
| 80 // Sets |identity_| to the next identity that the transaction should try. It | |
| 81 // chooses candidates by searching the auth cache and the URL for a | |
| 82 // username:password. Returns true if an identity was found. | |
| 83 bool SelectNextAuthIdentityToTry(); | |
| 84 | |
| 85 // Populates auth_info_ with the challenge information, so that | |
| 86 // URLRequestHttpJob can prompt for a username/password. | |
| 87 void PopulateAuthChallenge(); | |
| 88 | |
| 89 // Indicates if this handler is for Proxy auth or Server auth. | |
| 90 HttpAuth::Target target_; | |
| 91 | |
| 92 // Holds the {scheme, host, path, port} for the authentication target. | |
| 93 const GURL auth_url_; | |
| 94 | |
| 95 // Holds the {scheme, host, port} for the authentication target. | |
| 96 const GURL auth_origin_; | |
| 97 | |
| 98 // The absolute path of the resource needing authentication. | |
| 99 // For proxy authentication the path is empty. | |
| 100 const std::string auth_path_; | |
| 101 | |
| 102 // |handler_| encapsulates the logic for the particular auth-scheme. | |
| 103 // This includes the challenge's parameters. If NULL, then there is no | |
| 104 // associated auth handler. | |
| 105 scoped_ptr<HttpAuthHandler> handler_; | |
| 106 | |
| 107 // |identity_| holds the (username/password) that should be used by | |
| 108 // the handler_ to generate credentials. This identity can come from | |
| 109 // a number of places (url, cache, prompt). | |
| 110 HttpAuth::Identity identity_; | |
| 111 | |
| 112 // |auth_token_| contains the opaque string to pass to the proxy or | |
| 113 // server to authenticate the client. | |
| 114 std::string auth_token_; | |
| 115 | |
| 116 // Contains information about the auth challenge. | |
| 117 scoped_refptr<AuthChallengeInfo> auth_info_; | |
| 118 | |
| 119 // True if we've used the username/password embedded in the URL. This | |
| 120 // makes sure we use the embedded identity only once for the transaction, | |
| 121 // preventing an infinite auth restart loop. | |
| 122 bool embedded_identity_used_; | |
| 123 | |
| 124 // True if default credentials have already been tried for this transaction | |
| 125 // in response to an HTTP authentication challenge. | |
| 126 bool default_credentials_used_; | |
| 127 | |
| 128 scoped_refptr<HttpNetworkSession> session_; | |
| 129 | |
| 130 BoundNetLog net_log_; | |
| 131 }; | |
| 132 | |
| 133 } // namespace net | |
| 134 | |
| 135 #endif // NET_HTTP_HTTP_AUTH_CONTROLLER_H_ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2866018:
Revert 50647 - Create HttpAuthController.... (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/