| OLD | NEW |
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_HTTP_HTTP_AUTH_HANDLER_H_ | 5 #ifndef NET_HTTP_HTTP_AUTH_HANDLER_H_ |
| 6 #define NET_HTTP_HTTP_AUTH_HANDLER_H_ | 6 #define NET_HTTP_HTTP_AUTH_HANDLER_H_ |
| 7 #pragma once | 7 #pragma once |
| 8 | 8 |
| 9 #include <string> | 9 #include <string> |
| 10 | 10 |
| (...skipping 20 matching lines...) Expand all Loading... |
| 31 // Initializes the handler using a challenge issued by a server. | 31 // Initializes the handler using a challenge issued by a server. |
| 32 // |challenge| must be non-NULL and have already tokenized the | 32 // |challenge| must be non-NULL and have already tokenized the |
| 33 // authentication scheme, but none of the tokens occuring after the | 33 // authentication scheme, but none of the tokens occuring after the |
| 34 // authentication scheme. |target| and |origin| are both stored | 34 // authentication scheme. |target| and |origin| are both stored |
| 35 // for later use, and are not part of the initial challenge. | 35 // for later use, and are not part of the initial challenge. |
| 36 bool InitFromChallenge(HttpAuth::ChallengeTokenizer* challenge, | 36 bool InitFromChallenge(HttpAuth::ChallengeTokenizer* challenge, |
| 37 HttpAuth::Target target, | 37 HttpAuth::Target target, |
| 38 const GURL& origin, | 38 const GURL& origin, |
| 39 const BoundNetLog& net_log); | 39 const BoundNetLog& net_log); |
| 40 | 40 |
| 41 // Determines how the previous authorization attempt was received. |
| 42 // |
| 43 // This is called when the server/proxy responds with a 401/407 after an |
| 44 // earlier authorization attempt. Although this normally means that the |
| 45 // previous attempt was rejected, in multi-round schemes such as |
| 46 // NTLM+Negotiate it may indicate that another round of challenge+response |
| 47 // is required. For Digest authentication it may also mean that the previous |
| 48 // attempt used a stale nonce (and nonce-count) and that a new attempt should |
| 49 // be made with a different nonce provided in the challenge. |
| 50 // |
| 51 // |challenge| must be non-NULL and have already tokenized the |
| 52 // authentication scheme, but none of the tokens occuring after the |
| 53 // authentication scheme. |
| 54 virtual HttpAuth::AuthorizationResult HandleAnotherChallenge( |
| 55 HttpAuth::ChallengeTokenizer* challenge) = 0; |
| 56 |
| 41 // Generates an authentication token, potentially asynchronously. | 57 // Generates an authentication token, potentially asynchronously. |
| 42 // | 58 // |
| 43 // When |username| and |password| are NULL, the default credentials for | 59 // When |username| and |password| are NULL, the default credentials for |
| 44 // the currently logged in user are used. |AllowsDefaultCredentials()| MUST be | 60 // the currently logged in user are used. |AllowsDefaultCredentials()| MUST be |
| 45 // true in this case. | 61 // true in this case. |
| 46 // | 62 // |
| 47 // |request|, |callback|, and |auth_token| must be non-NULL. | 63 // |request|, |callback|, and |auth_token| must be non-NULL. |
| 48 // | 64 // |
| 49 // The return value is a net error code. | 65 // The return value is a net error code. |
| 50 // If |OK| is returned, |*auth_token| is filled in with an authentication | 66 // If |OK| is returned, |*auth_token| is filled in with an authentication |
| (...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 100 bool is_connection_based() const { | 116 bool is_connection_based() const { |
| 101 return (properties_ & IS_CONNECTION_BASED) != 0; | 117 return (properties_ & IS_CONNECTION_BASED) != 0; |
| 102 } | 118 } |
| 103 | 119 |
| 104 // Returns true if the response to the current authentication challenge | 120 // Returns true if the response to the current authentication challenge |
| 105 // requires an identity. | 121 // requires an identity. |
| 106 // TODO(wtc): Find a better way to handle a multi-round challenge-response | 122 // TODO(wtc): Find a better way to handle a multi-round challenge-response |
| 107 // sequence used by a connection-based authentication scheme. | 123 // sequence used by a connection-based authentication scheme. |
| 108 virtual bool NeedsIdentity() { return true; } | 124 virtual bool NeedsIdentity() { return true; } |
| 109 | 125 |
| 110 // Returns true if this is the final round of the authentication sequence. | |
| 111 // For Basic and Digest, the method always returns true because they are | |
| 112 // single-round schemes. | |
| 113 virtual bool IsFinalRound() { return true; } | |
| 114 | |
| 115 // Returns whether the default credentials may be used for the |origin| passed | 126 // Returns whether the default credentials may be used for the |origin| passed |
| 116 // into |InitFromChallenge|. If true, the user does not need to be prompted | 127 // into |InitFromChallenge|. If true, the user does not need to be prompted |
| 117 // for username and password to establish credentials. | 128 // for username and password to establish credentials. |
| 118 // NOTE: SSO is a potential security risk. | 129 // NOTE: SSO is a potential security risk. |
| 119 // TODO(cbentzel): Add a pointer to Firefox documentation about risk. | 130 // TODO(cbentzel): Add a pointer to Firefox documentation about risk. |
| 120 virtual bool AllowsDefaultCredentials() { return false; } | 131 virtual bool AllowsDefaultCredentials() { return false; } |
| 121 | 132 |
| 122 protected: | 133 protected: |
| 123 enum Property { | 134 enum Property { |
| 124 ENCRYPTS_IDENTITY = 1 << 0, | 135 ENCRYPTS_IDENTITY = 1 << 0, |
| (...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 175 CompletionCallback* original_callback_; | 186 CompletionCallback* original_callback_; |
| 176 CompletionCallbackImpl<HttpAuthHandler> wrapper_callback_; | 187 CompletionCallbackImpl<HttpAuthHandler> wrapper_callback_; |
| 177 // When GenerateAuthToken was called. | 188 // When GenerateAuthToken was called. |
| 178 base::TimeTicks generate_auth_token_start_; | 189 base::TimeTicks generate_auth_token_start_; |
| 179 scoped_refptr<Histogram> histogram_; | 190 scoped_refptr<Histogram> histogram_; |
| 180 }; | 191 }; |
| 181 | 192 |
| 182 } // namespace net | 193 } // namespace net |
| 183 | 194 |
| 184 #endif // NET_HTTP_HTTP_AUTH_HANDLER_H_ | 195 #endif // NET_HTTP_HTTP_AUTH_HANDLER_H_ |
| OLD | NEW |