| Index: net/http/http_auth.cc
|
| ===================================================================
|
| --- net/http/http_auth.cc (revision 59119)
|
| +++ net/http/http_auth.cc (working copy)
|
| @@ -28,22 +28,8 @@
|
| const BoundNetLog& net_log,
|
| scoped_ptr<HttpAuthHandler>* handler) {
|
| DCHECK(http_auth_handler_factory);
|
| + DCHECK(handler->get() == NULL);
|
|
|
| - // A connection-based authentication scheme must continue to use the
|
| - // existing handler object in |*handler|.
|
| - if (handler->get() && (*handler)->is_connection_based() &&
|
| - (disabled_schemes.find((*handler)->scheme()) == disabled_schemes.end())) {
|
| - const std::string header_name = GetChallengeHeaderName(target);
|
| - std::string challenge;
|
| - void* iter = NULL;
|
| - while (headers->EnumerateHeader(&iter, header_name, &challenge)) {
|
| - ChallengeTokenizer props(challenge.begin(), challenge.end());
|
| - if (LowerCaseEqualsASCII(props.scheme(), (*handler)->scheme().c_str()) &&
|
| - (*handler)->InitFromChallenge(&props, target, origin, net_log))
|
| - return;
|
| - }
|
| - }
|
| -
|
| // Choose the challenge whose authentication handler gives the maximum score.
|
| scoped_ptr<HttpAuthHandler> best;
|
| const std::string header_name = GetChallengeHeaderName(target);
|
| @@ -65,6 +51,32 @@
|
| handler->swap(best);
|
| }
|
|
|
| +// static
|
| +HttpAuth::AuthorizationResult HttpAuth::HandleChallengeResponse(
|
| + HttpAuthHandler* handler,
|
| + const HttpResponseHeaders* headers,
|
| + Target target,
|
| + const std::set<std::string>& disabled_schemes) {
|
| + const std::string& current_scheme = handler->scheme();
|
| + if (disabled_schemes.find(current_scheme) != disabled_schemes.end())
|
| + return HttpAuth::AUTHORIZATION_RESULT_REJECT;
|
| + const std::string header_name = GetChallengeHeaderName(target);
|
| + void* iter = NULL;
|
| + std::string challenge;
|
| + HttpAuth::AuthorizationResult authorization_result =
|
| + HttpAuth::AUTHORIZATION_RESULT_INVALID;
|
| + while (headers->EnumerateHeader(&iter, header_name, &challenge)) {
|
| + HttpAuth::ChallengeTokenizer props(challenge.begin(), challenge.end());
|
| + if (!LowerCaseEqualsASCII(props.scheme(), current_scheme.c_str()))
|
| + continue;
|
| + authorization_result = handler->HandleAnotherChallenge(&props);
|
| + if (authorization_result != HttpAuth::AUTHORIZATION_RESULT_INVALID)
|
| + return authorization_result;
|
| + }
|
| + // Finding no matches is equivalent to rejection
|
| + return HttpAuth::AUTHORIZATION_RESULT_REJECT;
|
| +}
|
| +
|
| void HttpAuth::ChallengeTokenizer::Init(std::string::const_iterator begin,
|
| std::string::const_iterator end) {
|
| // The first space-separated token is the auth-scheme.
|
|
|