net/http/http_auth_controller.cc - Issue 6525035: Invalidate credentials if the server rejects them.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/http/http_auth_controller.cc

Issue 6525035: Invalidate credentials if the server rejects them. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Extra whitespace Created 9 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/http/http_auth_controller.cc

diff --git a/net/http/http_auth_controller.cc b/net/http/http_auth_controller.cc

index f438ea46128bfe898b0de6017773799ce7ed00c1..37b120cf9440a06f41624b8fa58da8355e9ba327 100644

--- a/net/http/http_auth_controller.cc

+++ b/net/http/http_auth_controller.cc

@@ -273,26 +273,28 @@ int HttpAuthController::HandleAuthChallenge(

case HttpAuth::AUTHORIZATION_RESULT_ACCEPT:

break;

case HttpAuth::AUTHORIZATION_RESULT_INVALID:

- InvalidateCurrentHandler();

+ InvalidateCurrentHandler(true);

break;

case HttpAuth::AUTHORIZATION_RESULT_REJECT:

HistogramAuthEvent(handler_.get(), AUTH_EVENT_REJECT);

- InvalidateCurrentHandler();

+ InvalidateCurrentHandler(true);

break;

case HttpAuth::AUTHORIZATION_RESULT_STALE:

if (http_auth_cache_->UpdateStaleChallenge(auth_origin_,

handler_->realm(),

handler_->auth_scheme(),

challenge_used)) {

- handler_.reset();

- identity_ = HttpAuth::Identity();

+ InvalidateCurrentHandler(false);

} else {

// It's possible that a server could incorrectly issue a stale

// response when the entry is not in the cache. Just evict the

// current value from the cache.

- InvalidateCurrentHandler();

+ InvalidateCurrentHandler(true);

}

break;

+ case HttpAuth::AUTHORIZATION_RESULT_DIFFERENT_REALM:

+ InvalidateCurrentHandler(false);

+ break;

default:

NOTREACHED();

break;

@@ -403,10 +405,12 @@ bool HttpAuthController::HaveAuth() const {

return handler_.get() && !identity_.invalid;

}

-void HttpAuthController::InvalidateCurrentHandler() {

+void HttpAuthController::InvalidateCurrentHandler(

+ bool invalidate_credentials) {

DCHECK(CalledOnValidThread());

- InvalidateRejectedAuthFromCache();

+ if (invalidate_credentials)

+ InvalidateRejectedAuthFromCache();

handler_.reset();

identity_ = HttpAuth::Identity();

}

@@ -415,13 +419,6 @@ void HttpAuthController::InvalidateRejectedAuthFromCache() {

DCHECK(CalledOnValidThread());

DCHECK(HaveAuth());

- // TODO(eroman): this short-circuit can be relaxed. If the realm of

- // the preemptively used auth entry matches the realm of the subsequent

- // challenge, then we can invalidate the preemptively used entry.

- // Otherwise as-is we may send the failed credentials one extra time.

- if (identity_.source == HttpAuth::IDENT_SRC_PATH_LOOKUP)

- return;

// Clear the cache entry for the identity we just failed on.

// Note: we require the username/password to match before invalidating

// since the entry in the cache may be newer than what we used last time.

« net/http/http_auth_controller.h ('K') | « net/http/http_auth_controller.h ('k') | net/http/http_auth_handler_basic.cc » ('j') | net/http/http_auth_handler_digest.cc » ('J')