| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 // | 4 // |
| 5 // TODO(ukai): code is similar with http_network_transaction.cc. We should | 5 // TODO(ukai): code is similar with http_network_transaction.cc. We should |
| 6 // think about ways to share code, if possible. | 6 // think about ways to share code, if possible. |
| 7 | 7 |
| 8 #include "net/socket_stream/socket_stream.h" | 8 #include "net/socket_stream/socket_stream.h" |
| 9 | 9 |
| 10 #include <set> | 10 #include <set> |
| (...skipping 188 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 199 // closed. So, return immediately. | 199 // closed. So, return immediately. |
| 200 // Otherwise, it might call Finish() more than once, so breaks balance | 200 // Otherwise, it might call Finish() more than once, so breaks balance |
| 201 // of AddRef() and Release() in Connect() and Finish(), respectively. | 201 // of AddRef() and Release() in Connect() and Finish(), respectively. |
| 202 if (next_state_ == STATE_NONE) | 202 if (next_state_ == STATE_NONE) |
| 203 return; | 203 return; |
| 204 MessageLoop::current()->PostTask( | 204 MessageLoop::current()->PostTask( |
| 205 FROM_HERE, | 205 FROM_HERE, |
| 206 NewRunnableMethod(this, &SocketStream::DoClose)); | 206 NewRunnableMethod(this, &SocketStream::DoClose)); |
| 207 } | 207 } |
| 208 | 208 |
| 209 void SocketStream::RestartWithAuth( | 209 void SocketStream::RestartWithAuth(const AuthCredentials& credentials) { |
| 210 const string16& username, const string16& password) { | |
| 211 DCHECK(MessageLoop::current()) << | 210 DCHECK(MessageLoop::current()) << |
| 212 "The current MessageLoop must exist"; | 211 "The current MessageLoop must exist"; |
| 213 DCHECK_EQ(MessageLoop::TYPE_IO, MessageLoop::current()->type()) << | 212 DCHECK_EQ(MessageLoop::TYPE_IO, MessageLoop::current()->type()) << |
| 214 "The current MessageLoop must be TYPE_IO"; | 213 "The current MessageLoop must be TYPE_IO"; |
| 215 DCHECK(auth_handler_.get()); | 214 DCHECK(auth_handler_.get()); |
| 216 if (!socket_.get()) { | 215 if (!socket_.get()) { |
| 217 LOG(ERROR) << "Socket is closed before restarting with auth."; | 216 LOG(ERROR) << "Socket is closed before restarting with auth."; |
| 218 return; | 217 return; |
| 219 } | 218 } |
| 220 | 219 |
| 221 if (auth_identity_.invalid) { | 220 if (auth_identity_.invalid) { |
| 222 // Update the username/password. | 221 // Update the credentials. |
| 223 auth_identity_.source = HttpAuth::IDENT_SRC_EXTERNAL; | 222 auth_identity_.source = HttpAuth::IDENT_SRC_EXTERNAL; |
| 224 auth_identity_.invalid = false; | 223 auth_identity_.invalid = false; |
| 225 auth_identity_.username = username; | 224 auth_identity_.credentials = credentials; |
| 226 auth_identity_.password = password; | |
| 227 } | 225 } |
| 228 | 226 |
| 229 MessageLoop::current()->PostTask( | 227 MessageLoop::current()->PostTask( |
| 230 FROM_HERE, | 228 FROM_HERE, |
| 231 NewRunnableMethod(this, &SocketStream::DoRestartWithAuth)); | 229 NewRunnableMethod(this, &SocketStream::DoRestartWithAuth)); |
| 232 } | 230 } |
| 233 | 231 |
| 234 void SocketStream::DetachDelegate() { | 232 void SocketStream::DetachDelegate() { |
| 235 if (!delegate_) | 233 if (!delegate_) |
| 236 return; | 234 return; |
| (...skipping 469 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 706 if (entry) { | 704 if (entry) { |
| 707 scoped_ptr<HttpAuthHandler> handler_preemptive; | 705 scoped_ptr<HttpAuthHandler> handler_preemptive; |
| 708 int rv_create = http_auth_handler_factory_-> | 706 int rv_create = http_auth_handler_factory_-> |
| 709 CreatePreemptiveAuthHandlerFromString( | 707 CreatePreemptiveAuthHandlerFromString( |
| 710 entry->auth_challenge(), HttpAuth::AUTH_PROXY, | 708 entry->auth_challenge(), HttpAuth::AUTH_PROXY, |
| 711 ProxyAuthOrigin(), entry->IncrementNonceCount(), | 709 ProxyAuthOrigin(), entry->IncrementNonceCount(), |
| 712 net_log_, &handler_preemptive); | 710 net_log_, &handler_preemptive); |
| 713 if (rv_create == OK) { | 711 if (rv_create == OK) { |
| 714 auth_identity_.source = HttpAuth::IDENT_SRC_PATH_LOOKUP; | 712 auth_identity_.source = HttpAuth::IDENT_SRC_PATH_LOOKUP; |
| 715 auth_identity_.invalid = false; | 713 auth_identity_.invalid = false; |
| 716 auth_identity_.username = entry->username(); | 714 auth_identity_.credentials = AuthCredentials(); |
| 717 auth_identity_.password = entry->password(); | |
| 718 auth_handler_.swap(handler_preemptive); | 715 auth_handler_.swap(handler_preemptive); |
| 719 } | 716 } |
| 720 } | 717 } |
| 721 } | 718 } |
| 722 | 719 |
| 723 // Support basic authentication scheme only, because we don't have | 720 // Support basic authentication scheme only, because we don't have |
| 724 // HttpRequestInfo. | 721 // HttpRequestInfo. |
| 725 // TODO(ukai): Add support other authentication scheme. | 722 // TODO(ukai): Add support other authentication scheme. |
| 726 if (auth_handler_.get() && | 723 if (auth_handler_.get() && |
| 727 auth_handler_->auth_scheme() == HttpAuth::AUTH_SCHEME_BASIC) { | 724 auth_handler_->auth_scheme() == HttpAuth::AUTH_SCHEME_BASIC) { |
| 728 HttpRequestInfo request_info; | 725 HttpRequestInfo request_info; |
| 729 std::string auth_token; | 726 std::string auth_token; |
| 730 int rv = auth_handler_->GenerateAuthToken( | 727 int rv = auth_handler_->GenerateAuthToken( |
| 731 &auth_identity_.username, | 728 &auth_identity_.credentials, |
| 732 &auth_identity_.password, | |
| 733 &request_info, | 729 &request_info, |
| 734 NULL, | 730 NULL, |
| 735 &auth_token); | 731 &auth_token); |
| 736 // TODO(cbentzel): Support async auth handlers. | 732 // TODO(cbentzel): Support async auth handlers. |
| 737 DCHECK_NE(ERR_IO_PENDING, rv); | 733 DCHECK_NE(ERR_IO_PENDING, rv); |
| 738 if (rv != OK) | 734 if (rv != OK) |
| 739 return rv; | 735 return rv; |
| 740 authorization_headers.append( | 736 authorization_headers.append( |
| 741 HttpAuth::GetAuthorizationHeaderName(HttpAuth::AUTH_PROXY) + | 737 HttpAuth::GetAuthorizationHeaderName(HttpAuth::AUTH_PROXY) + |
| 742 ": " + auth_token + "\r\n"); | 738 ": " + auth_token + "\r\n"); |
| (...skipping 311 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1054 | 1050 |
| 1055 // TODO(cbentzel): Since SocketStream only suppports basic authentication | 1051 // TODO(cbentzel): Since SocketStream only suppports basic authentication |
| 1056 // right now, another challenge is always treated as a rejection. | 1052 // right now, another challenge is always treated as a rejection. |
| 1057 // Ultimately this should be converted to use HttpAuthController like the | 1053 // Ultimately this should be converted to use HttpAuthController like the |
| 1058 // HttpNetworkTransaction has. | 1054 // HttpNetworkTransaction has. |
| 1059 if (auth_handler_.get() && !auth_identity_.invalid) { | 1055 if (auth_handler_.get() && !auth_identity_.invalid) { |
| 1060 if (auth_identity_.source != HttpAuth::IDENT_SRC_PATH_LOOKUP) | 1056 if (auth_identity_.source != HttpAuth::IDENT_SRC_PATH_LOOKUP) |
| 1061 auth_cache_.Remove(auth_origin, | 1057 auth_cache_.Remove(auth_origin, |
| 1062 auth_handler_->realm(), | 1058 auth_handler_->realm(), |
| 1063 auth_handler_->auth_scheme(), | 1059 auth_handler_->auth_scheme(), |
| 1064 auth_identity_.username, | 1060 auth_identity_.credentials); |
| 1065 auth_identity_.password); | |
| 1066 auth_handler_.reset(); | 1061 auth_handler_.reset(); |
| 1067 auth_identity_ = HttpAuth::Identity(); | 1062 auth_identity_ = HttpAuth::Identity(); |
| 1068 } | 1063 } |
| 1069 | 1064 |
| 1070 auth_identity_.invalid = true; | 1065 auth_identity_.invalid = true; |
| 1071 std::set<HttpAuth::Scheme> disabled_schemes; | 1066 std::set<HttpAuth::Scheme> disabled_schemes; |
| 1072 HttpAuth::ChooseBestChallenge(http_auth_handler_factory_, headers, | 1067 HttpAuth::ChooseBestChallenge(http_auth_handler_factory_, headers, |
| 1073 HttpAuth::AUTH_PROXY, | 1068 HttpAuth::AUTH_PROXY, |
| 1074 auth_origin, disabled_schemes, | 1069 auth_origin, disabled_schemes, |
| 1075 net_log_, &auth_handler_); | 1070 net_log_, &auth_handler_); |
| 1076 if (!auth_handler_.get()) { | 1071 if (!auth_handler_.get()) { |
| 1077 LOG(ERROR) << "Can't perform auth to the proxy " << auth_origin; | 1072 LOG(ERROR) << "Can't perform auth to the proxy " << auth_origin; |
| 1078 return ERR_TUNNEL_CONNECTION_FAILED; | 1073 return ERR_TUNNEL_CONNECTION_FAILED; |
| 1079 } | 1074 } |
| 1080 if (auth_handler_->NeedsIdentity()) { | 1075 if (auth_handler_->NeedsIdentity()) { |
| 1081 // We only support basic authentication scheme now. | 1076 // We only support basic authentication scheme now. |
| 1082 // TODO(ukai): Support other authentication scheme. | 1077 // TODO(ukai): Support other authentication scheme. |
| 1083 HttpAuthCache::Entry* entry = auth_cache_.Lookup( | 1078 HttpAuthCache::Entry* entry = auth_cache_.Lookup( |
| 1084 auth_origin, auth_handler_->realm(), HttpAuth::AUTH_SCHEME_BASIC); | 1079 auth_origin, auth_handler_->realm(), HttpAuth::AUTH_SCHEME_BASIC); |
| 1085 if (entry) { | 1080 if (entry) { |
| 1086 auth_identity_.source = HttpAuth::IDENT_SRC_REALM_LOOKUP; | 1081 auth_identity_.source = HttpAuth::IDENT_SRC_REALM_LOOKUP; |
| 1087 auth_identity_.invalid = false; | 1082 auth_identity_.invalid = false; |
| 1088 auth_identity_.username = entry->username(); | 1083 auth_identity_.credentials = AuthCredentials(); |
| 1089 auth_identity_.password = entry->password(); | |
| 1090 // Restart with auth info. | 1084 // Restart with auth info. |
| 1091 } | 1085 } |
| 1092 return ERR_PROXY_AUTH_UNSUPPORTED; | 1086 return ERR_PROXY_AUTH_UNSUPPORTED; |
| 1093 } else { | 1087 } else { |
| 1094 auth_identity_.invalid = false; | 1088 auth_identity_.invalid = false; |
| 1095 } | 1089 } |
| 1096 return ERR_TUNNEL_CONNECTION_FAILED; | 1090 return ERR_TUNNEL_CONNECTION_FAILED; |
| 1097 } | 1091 } |
| 1098 | 1092 |
| 1099 int SocketStream::HandleCertificateRequest(int result) { | 1093 int SocketStream::HandleCertificateRequest(int result) { |
| (...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1149 else | 1143 else |
| 1150 DoLoop(ERR_UNEXPECTED); | 1144 DoLoop(ERR_UNEXPECTED); |
| 1151 } | 1145 } |
| 1152 | 1146 |
| 1153 void SocketStream::DoRestartWithAuth() { | 1147 void SocketStream::DoRestartWithAuth() { |
| 1154 DCHECK_EQ(next_state_, STATE_AUTH_REQUIRED); | 1148 DCHECK_EQ(next_state_, STATE_AUTH_REQUIRED); |
| 1155 auth_cache_.Add(ProxyAuthOrigin(), | 1149 auth_cache_.Add(ProxyAuthOrigin(), |
| 1156 auth_handler_->realm(), | 1150 auth_handler_->realm(), |
| 1157 auth_handler_->auth_scheme(), | 1151 auth_handler_->auth_scheme(), |
| 1158 auth_handler_->challenge(), | 1152 auth_handler_->challenge(), |
| 1159 auth_identity_.username, | 1153 auth_identity_.credentials, |
| 1160 auth_identity_.password, | |
| 1161 std::string()); | 1154 std::string()); |
| 1162 | 1155 |
| 1163 tunnel_request_headers_ = NULL; | 1156 tunnel_request_headers_ = NULL; |
| 1164 tunnel_request_headers_bytes_sent_ = 0; | 1157 tunnel_request_headers_bytes_sent_ = 0; |
| 1165 tunnel_response_headers_ = NULL; | 1158 tunnel_response_headers_ = NULL; |
| 1166 tunnel_response_headers_capacity_ = 0; | 1159 tunnel_response_headers_capacity_ = 0; |
| 1167 tunnel_response_headers_len_ = 0; | 1160 tunnel_response_headers_len_ = 0; |
| 1168 | 1161 |
| 1169 next_state_ = STATE_TCP_CONNECT; | 1162 next_state_ = STATE_TCP_CONNECT; |
| 1170 DoLoop(OK); | 1163 DoLoop(OK); |
| (...skipping 15 matching lines...) Expand all Loading... |
| 1186 | 1179 |
| 1187 SSLConfigService* SocketStream::ssl_config_service() const { | 1180 SSLConfigService* SocketStream::ssl_config_service() const { |
| 1188 return context_->ssl_config_service(); | 1181 return context_->ssl_config_service(); |
| 1189 } | 1182 } |
| 1190 | 1183 |
| 1191 ProxyService* SocketStream::proxy_service() const { | 1184 ProxyService* SocketStream::proxy_service() const { |
| 1192 return context_->proxy_service(); | 1185 return context_->proxy_service(); |
| 1193 } | 1186 } |
| 1194 | 1187 |
| 1195 } // namespace net | 1188 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 8340026:
Use AuthCredentials throughout the network stack instead of username/password. (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master