MAC Cookies (patch 4 of N)

net/url_request/url_request_http_job.cc

Index: net/url_request/url_request_http_job.cc
===================================================================
--- net/url_request/url_request_http_job.cc	(revision 84980)
+++ net/url_request/url_request_http_job.cc	(working copy)
@@ -13,6 +13,7 @@
 #include "base/metrics/field_trial.h"
 #include "base/metrics/histogram.h"
 #include "base/rand_util.h"
+#include "base/string_number_conversions.h"
 #include "base/string_util.h"
 #include "base/time.h"
 #include "net/base/cert_status_flags.h"
@@ -27,6 +28,7 @@
 #include "net/base/ssl_cert_request_info.h"
 #include "net/base/ssl_config_service.h"
 #include "net/base/transport_security_state.h"
+#include "net/http/http_mac_signature.h"
 #include "net/http/http_request_headers.h"
 #include "net/http/http_response_headers.h"
 #include "net/http/http_response_info.h"
@@ -54,6 +56,14 @@
 
 namespace {
 
+std::string BuildIssuerForMac(const std::string& source) {
+  // TODO(abarth): The issuer has had its scheme doctored!
+  GURL issuer(source);
+  // Notice that we include the port even if the port is the default port.
+  // TODO(abarth): We're geting the wrong port number here.
+  return issuer.host() + ":" + base::IntToString(issuer.IntPort());

[cbentzel, 2011/05/13 14:05:45]

You can just use GetHostAndPort from net_util.h here. It will also provide the
default port if unspecified.

+}
+
 class HTTPSProberDelegateImpl : public HTTPSProberDelegate {
  public:
   HTTPSProberDelegateImpl(const std::string& host, int max_age,
@@ -588,17 +598,49 @@
   }
 }
 
+void URLRequestHttpJob::AddAuthorizationHeader(

[cbentzel, 2011/05/13 14:05:45]

You could make a static/top-level function which passes in a HttpRequestInfo*,
which would be easier to unit test.

I guess you'd still run into issues with different nonces and timestamps,
however. 

[abarth-chromium, 2011/05/13 17:36:23]

Yeah, that makes unit testing at this layer slightly tricky.

+    const std::vector<CookieStore::CookieInfo>& cookie_infos) {
+  const GURL& url = request_info_.url;
+  const std::string& method = request_info_.method;
+  std::string request_uri = HttpUtil::PathForRequest(url);
+  const std::string& host = url.host();
+  int port = url.IntPort();

[cbentzel, 2011/05/13 14:05:45]

You'll want to use EffectiveIntPort here to capture default port. 

[abarth-chromium, 2011/05/13 17:36:23]

Done.

+
+  for (size_t i = 0; i < cookie_infos.size(); ++i) {
+    const CookieStore::CookieInfo& cookie_info = cookie_infos[i];
+    if (cookie_info.mac_key.empty() || cookie_info.mac_algorithm.empty())

[cbentzel, 2011/05/13 14:05:45]

I would remove the empty string tests here, since they are redundant with the
ones inside AddStateInfo.

[abarth-chromium, 2011/05/13 17:36:23]

Done.

+      continue;
+    HttpMacSignature signature;
+    if (!signature.AddStateInfo(cookie_info.name,
+                                cookie_info.mac_key,
+                                cookie_info.mac_algorithm,
+                                BuildIssuerForMac(cookie_info.source))) {
+      continue;
+    }
+    if (!signature.AddHttpInfo(method, request_uri, host, port))
+      continue;
+    request_info_.extra_headers.SetHeader(
+        HttpRequestHeaders::kAuthorization,
+        signature.GenerateAuthorizationHeader());
+    return;  // Only add the first valid header.

[cbentzel, 2011/05/13 14:05:45]

I thought you were planning to support multiple Authorization headers? 

+  }
+}
+
 void URLRequestHttpJob::OnCanGetCookiesCompleted(bool allow) {
   if (request_->context()->cookie_store() && allow) {
     CookieOptions options;
     options.set_include_httponly();
-    std::string cookies =
-        request_->context()->cookie_store()->GetCookiesWithOptions(
-            request_->url(), options);
-    if (!cookies.empty()) {
+    std::string cookie_line;
+    std::vector<CookieStore::CookieInfo> cookie_infos;
+    request_->context()->cookie_store()->GetCookiesWithInfo(
+        request_->url(), options, &cookie_line, &cookie_infos);
+    if (!cookie_line.empty()) {
       request_info_.extra_headers.SetHeader(
-          HttpRequestHeaders::kCookie, cookies);
+          HttpRequestHeaders::kCookie, cookie_line);
     }
+
+    if (URLRequest::AreMacCookiesEnabled())
+      AddAuthorizationHeader(cookie_infos);
   }
   // We may have been canceled within CanGetCookies.
   if (GetStatus().is_success()) {