webRequest.onAuthRequired listeners can provide authentication credentials.

net/url_request/url_request.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/url_request/url_request.h"
 
 #include "base/compiler_specific.h"
 #include "base/memory/singleton.h"
 #include "base/message_loop.h"
 #include "base/metrics/stats_counters.h"
 #include "base/synchronization/lock.h"
+#include "net/base/auth.h"
 #include "net/base/host_port_pair.h"
 #include "net/base/load_flags.h"
 #include "net/base/net_errors.h"
 #include "net/base/net_log.h"
 #include "net/base/network_delegate.h"
 #include "net/base/ssl_cert_request_info.h"
 #include "net/base/upload_data.h"
 #include "net/http/http_response_headers.h"
 #include "net/http/http_util.h"
 #include "net/url_request/url_request_context.h"
@@ skipping 115 matching lines @@
       load_flags_(LOAD_NORMAL),
       delegate_(delegate),
       is_pending_(false),
       redirect_limit_(kMaxRedirects),
       final_upload_progress_(0),
       priority_(LOWEST),
       identifier_(GenerateURLRequestIdentifier()),
       blocked_on_delegate_(false),
       ALLOW_THIS_IN_INITIALIZER_LIST(
           before_request_callback_(this, &URLRequest::BeforeRequestComplete)),
-      has_notified_completion_(false) {
+      has_notified_completion_(false),
+      ALLOW_THIS_IN_INITIALIZER_LIST(
+          auth_required_callback_(
+              this, &URLRequest::NotifyAuthRequiredComplete)) {
   SIMPLE_STATS_COUNTER("URLRequestCount");
 
   // Sanity check out environment.
   DCHECK(MessageLoop::current()) <<
       "The current MessageLoop must exist";
   DCHECK_EQ(MessageLoop::TYPE_IO, MessageLoop::current()->type()) <<
       "The current MessageLoop must be TYPE_IO";
 }
 
 URLRequest::~URLRequest() {
@@ skipping 604 matching lines @@
 
 void URLRequest::NotifyAuthRequired(AuthChallengeInfo* auth_info) {
   // TODO(battre): We could simulate a redirection there as follows:
   // if (context_ && context_->network_delegate()) {
   //  // We simulate a redirection.
   //   context_->network_delegate()->NotifyBeforeRedirect(this, url());
   //}
   // This fixes URLRequestTestHTTP.BasicAuth but not
   // URLRequestTestHTTP.BasicAuthWithCookies. In both cases we observe a
   // call sequence of OnBeforeSendHeaders -> OnSendHeaders ->
   // OnBeforeSendHeaders.

[battre, 2011/09/24 13:17:55]

i think this comment becomes obsolete now. Could you please check whether all
authentication can be handled with the new signal and, if yes, delete this.

-  if (context_ && context_->network_delegate())
-    context_->network_delegate()->NotifyAuthRequired(this, *auth_info);
+  int rv = OK;
+  auth_info_ = auth_info;
+  if (context_ && context_->network_delegate()) {
+    rv = context_->network_delegate()->NotifyAuthRequired(
+        this, *auth_info, &auth_required_callback_, &auth_credentials_);
+  }
 
+  if (rv == ERR_IO_PENDING) {
+    SetBlockedOnDelegate();

[battre, 2011/09/24 13:17:55]

the corresponding SetUnblockedOnDelegate(); is missing

[cbentzel, 2011/09/26 21:13:36]

Done.

+  } else {
+    NotifyAuthRequiredComplete(rv);
+  }
+}
+
+void URLRequest::NotifyAuthRequiredComplete(int result) {
+  // NotifyAuthRequired may be called multiple times, such as
+  // when an authentication attempt fails. Clear out the data
+  // so it can be reset on another round.
+  AuthCredentials credentials = auth_credentials_;
+  auth_credentials_ = AuthCredentials();
+  scoped_refptr<AuthChallengeInfo> auth_info;
+  auth_info.swap(auth_info_);
+
+  if (result != OK)
+    return;
+
+  // TODO(cbentzel): Should the ERR_EMPTY_RESPONSE be handled? This might
+  // be equivalent to canceling authentication,

[battre, 2011/09/24 13:17:55]

probably yes

[cbentzel, 2011/09/26 21:13:36]

Done.

+
+  // If the NetworkDelegate provided a username and password, try
+  // using that.
+  if (credentials.is_valid) {
+    SetAuth(credentials.username, credentials.password);
+    return;
+  }
+
+  // Otherwise, defer to the URLRequest Delegate.
   if (delegate_)
-    delegate_->OnAuthRequired(this, auth_info);
+    delegate_->OnAuthRequired(this, auth_info.get());
 }
 
 void URLRequest::NotifyCertificateRequested(
     SSLCertRequestInfo* cert_request_info) {
   if (delegate_)
     delegate_->OnCertificateRequested(this, cert_request_info);
 }
 
 void URLRequest::NotifySSLCertificateError(int cert_error,
                                            X509Certificate* cert) {
@@ skipping 43 matching lines @@
   net_log_.BeginEvent(NetLog::TYPE_URL_REQUEST_BLOCKED_ON_DELEGATE, NULL);
 }
 
 void URLRequest::SetUnblockedOnDelegate() {
   blocked_on_delegate_ = false;
   load_state_param_.clear();
   net_log_.EndEvent(NetLog::TYPE_URL_REQUEST_BLOCKED_ON_DELEGATE, NULL);
 }
 
 }  // namespace net