Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(954)

Unified Diff: net/http/http_auth.cc

Issue 3360017: Fix multi-round authentication.... (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: SocketStream fix Created 10 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/http/http_auth.h ('k') | net/http/http_auth_cache_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/http/http_auth.cc
===================================================================
--- net/http/http_auth.cc (revision 59119)
+++ net/http/http_auth.cc (working copy)
@@ -28,22 +28,8 @@
const BoundNetLog& net_log,
scoped_ptr<HttpAuthHandler>* handler) {
DCHECK(http_auth_handler_factory);
+ DCHECK(handler->get() == NULL);
- // A connection-based authentication scheme must continue to use the
- // existing handler object in |*handler|.
- if (handler->get() && (*handler)->is_connection_based() &&
- (disabled_schemes.find((*handler)->scheme()) == disabled_schemes.end())) {
- const std::string header_name = GetChallengeHeaderName(target);
- std::string challenge;
- void* iter = NULL;
- while (headers->EnumerateHeader(&iter, header_name, &challenge)) {
- ChallengeTokenizer props(challenge.begin(), challenge.end());
- if (LowerCaseEqualsASCII(props.scheme(), (*handler)->scheme().c_str()) &&
- (*handler)->InitFromChallenge(&props, target, origin, net_log))
- return;
- }
- }
-
// Choose the challenge whose authentication handler gives the maximum score.
scoped_ptr<HttpAuthHandler> best;
const std::string header_name = GetChallengeHeaderName(target);
@@ -65,6 +51,32 @@
handler->swap(best);
}
+// static
+HttpAuth::AuthorizationResult HttpAuth::HandleChallengeResponse(
+ HttpAuthHandler* handler,
+ const HttpResponseHeaders* headers,
+ Target target,
+ const std::set<std::string>& disabled_schemes) {
+ const std::string& current_scheme = handler->scheme();
+ if (disabled_schemes.find(current_scheme) != disabled_schemes.end())
+ return HttpAuth::AUTHORIZATION_RESULT_REJECT;
+ const std::string header_name = GetChallengeHeaderName(target);
+ void* iter = NULL;
+ std::string challenge;
+ HttpAuth::AuthorizationResult authorization_result =
+ HttpAuth::AUTHORIZATION_RESULT_INVALID;
+ while (headers->EnumerateHeader(&iter, header_name, &challenge)) {
+ HttpAuth::ChallengeTokenizer props(challenge.begin(), challenge.end());
+ if (!LowerCaseEqualsASCII(props.scheme(), current_scheme.c_str()))
+ continue;
+ authorization_result = handler->HandleAnotherChallenge(&props);
+ if (authorization_result != HttpAuth::AUTHORIZATION_RESULT_INVALID)
+ return authorization_result;
+ }
+ // Finding no matches is equivalent to rejection
+ return HttpAuth::AUTHORIZATION_RESULT_REJECT;
+}
+
void HttpAuth::ChallengeTokenizer::Init(std::string::const_iterator begin,
std::string::const_iterator end) {
// The first space-separated token is the auth-scheme.
« no previous file with comments | « net/http/http_auth.h ('k') | net/http/http_auth_cache_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698