Respect cookies set in a 401 responses when restarting the http transaction....

net/http/http_network_transaction.h

 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_HTTP_HTTP_NETWORK_TRANSACTION_H_
 #define NET_HTTP_HTTP_NETWORK_TRANSACTION_H_
 
 #include <string>
 
 #include "base/ref_counted.h"
@@ skipping 23 matching lines @@
 
   virtual ~HttpNetworkTransaction();
 
   // HttpTransaction methods:
   virtual int Start(const HttpRequestInfo* request_info,
                     CompletionCallback* callback);
   virtual int RestartIgnoringLastError(CompletionCallback* callback);
   virtual int RestartWithAuth(const std::wstring& username,
                               const std::wstring& password,
                               CompletionCallback* callback);
+  virtual bool IsReadyToRestartForAuth() {
+    return pending_auth_target_ != HttpAuth::AUTH_NONE &&
+        HaveAuth(pending_auth_target_);
+  }
+
   virtual int Read(IOBuffer* buf, int buf_len, CompletionCallback* callback);
   virtual const HttpResponseInfo* GetResponseInfo() const;
   virtual LoadState GetLoadState() const;
   virtual uint64 GetUploadProgress() const;
 
  private:
   FRIEND_TEST(HttpNetworkTransactionTest, ResetStateForRestart);
 
   void BuildRequestHeaders();
   void BuildTunnelRequest();
@@ skipping 91 matching lines @@
   void ResetStateForRestart();
 
   // Attach any credentials needed for the proxy server or origin server.
   void ApplyAuth();
 
   // Helper used by ApplyAuth(). Adds either the proxy auth header, or the
   // origin server auth header, as specified by |target|
   void AddAuthorizationHeader(HttpAuth::Target target);
 
   // Handles HTTP status code 401 or 407.
-  // HandleAuthChallenge() returns a network error code, or OK, or
-  // WILL_RESTART_TRANSACTION. The latter indicates that the state machine has
-  // been updated to restart the transaction with a new auth attempt.
-  enum { WILL_RESTART_TRANSACTION = 1 };
+  // HandleAuthChallenge() returns a network error code, or OK on success.
+  // May update |pending_auth_target_| or |response_.auth_challenge|.
   int HandleAuthChallenge();
 
   // Populates response_.auth_challenge with the challenge information, so that
   // URLRequestHttpJob can prompt for a username/password.
   void PopulateAuthChallenge(HttpAuth::Target target);
 
   // Invalidates any auth cache entries after authentication has failed.
   // The identity that was rejected is auth_identity_[target].
   void InvalidateRejectedAuthFromCache(HttpAuth::Target target);
 
   // Sets auth_identity_[target] to the next identity that the transaction
   // should try. It chooses candidates by searching the auth cache
   // and the URL for a username:password. Returns true if an identity
   // was found.
   bool SelectNextAuthIdentityToTry(HttpAuth::Target target);
 
   // Searches the auth cache for an entry that encompasses the request's path.
   // If such an entry is found, updates auth_identity_[target] and
   // auth_handler_[target] with the cache entry's data and returns true.
   bool SelectPreemptiveAuth(HttpAuth::Target target);
 
-  bool NeedAuth(HttpAuth::Target target) const {
-    return auth_handler_[target].get() && auth_identity_[target].invalid;
-  }
-
   bool HaveAuth(HttpAuth::Target target) const {
     return auth_handler_[target].get() && !auth_identity_[target].invalid;
   }
 
   // Get the {scheme, host, port} for the authentication target
   GURL AuthOrigin(HttpAuth::Target target) const;
 
   // Get the absolute path of the resource needing authentication.
   // For proxy authentication the path is always empty string.
   std::string AuthPath(HttpAuth::Target target) const;
 
   // The following three auth members are arrays of size two -- index 0 is
   // for the proxy server, and index 1 is for the origin server.
   // Use the enum HttpAuth::Target to index into them.
 
   // auth_handler encapsulates the logic for the particular auth-scheme.
   // This includes the challenge's parameters. If NULL, then there is no
   // associated auth handler.
   scoped_refptr<HttpAuthHandler> auth_handler_[2];
 
   // auth_identity_ holds the (username/password) that should be used by
   // the auth_handler_ to generate credentials. This identity can come from
   // a number of places (url, cache, prompt).
   HttpAuth::Identity auth_identity_[2];
 
+  // Whether this transaction is waiting for proxy auth, server auth, or is
+  // not waiting for any auth at all. |pending_auth_target_| is read and
+  // cleared by RestartWithAuth().
+  HttpAuth::Target pending_auth_target_;
+
   CompletionCallbackImpl<HttpNetworkTransaction> io_callback_;
   CompletionCallback* user_callback_;
 
   scoped_refptr<HttpNetworkSession> session_;
 
   const HttpRequestInfo* request_;
   HttpResponseInfo response_;
 
   ProxyService::PacRequest* pac_request_;
   ProxyInfo proxy_info_;
@@ skipping 88 matching lines @@
     STATE_DRAIN_BODY_FOR_AUTH_RESTART,
     STATE_DRAIN_BODY_FOR_AUTH_RESTART_COMPLETE,
     STATE_NONE
   };
   State next_state_;
 };
 
 }  // namespace net
 
 #endif  // NET_HTTP_HTTP_NETWORK_TRANSACTION_H_