| OLD | NEW |
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_auth_handler_basic.h" | 5 #include "net/http/http_auth_handler_basic.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/base64.h" | 9 #include "base/base64.h" |
| 10 #include "base/string_util.h" | 10 #include "base/string_util.h" |
| 11 #include "base/utf_string_conversions.h" | 11 #include "base/utf_string_conversions.h" |
| 12 #include "net/base/net_errors.h" | 12 #include "net/base/net_errors.h" |
| 13 #include "net/http/http_auth.h" | 13 #include "net/http/http_auth.h" |
| 14 | 14 |
| 15 namespace net { | 15 namespace net { |
| 16 | 16 |
| 17 // Note that if a realm was not specified, we will default it to ""; | 17 // Note that if a realm was not specified, we will default it to ""; |
| 18 // so specifying 'Basic realm=""' is equivalent to 'Basic'. | 18 // so specifying 'Basic realm=""' is equivalent to 'Basic'. |
| 19 // | 19 // |
| 20 // This is more generous than RFC 2617, which is pretty clear in the | 20 // This is more generous than RFC 2617, which is pretty clear in the |
| 21 // production of challenge that realm is required. | 21 // production of challenge that realm is required. |
| 22 // | 22 // |
| 23 // We allow it to be compatibility with certain embedded webservers that don't | 23 // We allow it to be compatibility with certain embedded webservers that don't |
| 24 // include a realm (see http://crbug.com/20984.) | 24 // include a realm (see http://crbug.com/20984.) |
| 25 bool HttpAuthHandlerBasic::Init(HttpAuth::ChallengeTokenizer* challenge) { | 25 bool HttpAuthHandlerBasic::Init(HttpAuth::ChallengeTokenizer* challenge) { |
| 26 scheme_ = "basic"; | 26 scheme_ = "basic"; |
| 27 score_ = 1; | 27 score_ = 1; |
| 28 properties_ = 0; | 28 properties_ = 0; |
| 29 return ParseChallenge(challenge); |
| 30 } |
| 29 | 31 |
| 32 bool HttpAuthHandlerBasic::ParseChallenge( |
| 33 HttpAuth::ChallengeTokenizer* challenge) { |
| 30 // Verify the challenge's auth-scheme. | 34 // Verify the challenge's auth-scheme. |
| 31 if (!challenge->valid() || | 35 if (!challenge->valid() || |
| 32 !LowerCaseEqualsASCII(challenge->scheme(), "basic")) | 36 !LowerCaseEqualsASCII(challenge->scheme(), "basic")) |
| 33 return false; | 37 return false; |
| 34 | 38 |
| 35 // Extract the realm (may be missing). | 39 // Extract the realm (may be missing). |
| 40 std::string realm; |
| 36 while (challenge->GetNext()) { | 41 while (challenge->GetNext()) { |
| 37 if (LowerCaseEqualsASCII(challenge->name(), "realm")) | 42 if (LowerCaseEqualsASCII(challenge->name(), "realm")) |
| 38 realm_ = challenge->unquoted_value(); | 43 realm = challenge->unquoted_value(); |
| 39 } | 44 } |
| 40 | 45 |
| 41 return challenge->valid(); | 46 if (!challenge->valid()) |
| 47 return false; |
| 48 |
| 49 realm_ = realm; |
| 50 return true; |
| 51 } |
| 52 |
| 53 HttpAuth::AuthorizationResult HttpAuthHandlerBasic::HandleAnotherChallenge( |
| 54 HttpAuth::ChallengeTokenizer* challenge) { |
| 55 // Basic authentication is always a single round, so any responses should |
| 56 // be treated as a rejection. |
| 57 return HttpAuth::AUTHORIZATION_RESULT_REJECT; |
| 42 } | 58 } |
| 43 | 59 |
| 44 int HttpAuthHandlerBasic::GenerateAuthTokenImpl( | 60 int HttpAuthHandlerBasic::GenerateAuthTokenImpl( |
| 45 const string16* username, | 61 const string16* username, |
| 46 const string16* password, | 62 const string16* password, |
| 47 const HttpRequestInfo*, | 63 const HttpRequestInfo*, |
| 48 CompletionCallback*, | 64 CompletionCallback*, |
| 49 std::string* auth_token) { | 65 std::string* auth_token) { |
| 50 // TODO(eroman): is this the right encoding of username/password? | 66 // TODO(eroman): is this the right encoding of username/password? |
| 51 std::string base64_username_password; | 67 std::string base64_username_password; |
| (...skipping 23 matching lines...) Expand all Loading... |
| 75 // TODO(cbentzel): Move towards model of parsing in the factory | 91 // TODO(cbentzel): Move towards model of parsing in the factory |
| 76 // method and only constructing when valid. | 92 // method and only constructing when valid. |
| 77 scoped_ptr<HttpAuthHandler> tmp_handler(new HttpAuthHandlerBasic()); | 93 scoped_ptr<HttpAuthHandler> tmp_handler(new HttpAuthHandlerBasic()); |
| 78 if (!tmp_handler->InitFromChallenge(challenge, target, origin, net_log)) | 94 if (!tmp_handler->InitFromChallenge(challenge, target, origin, net_log)) |
| 79 return ERR_INVALID_RESPONSE; | 95 return ERR_INVALID_RESPONSE; |
| 80 handler->swap(tmp_handler); | 96 handler->swap(tmp_handler); |
| 81 return OK; | 97 return OK; |
| 82 } | 98 } |
| 83 | 99 |
| 84 } // namespace net | 100 } // namespace net |
| OLD | NEW |