Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(78)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/http/http_auth_gssapi_posix.cc

Issue 1128043007: Support Kerberos on Android (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Handle review comments Created 5 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/android/java/src/org/chromium/net/HttpNegotiateAuthenticator.java ('K') | « net/http/http_auth_gssapi_posix.h ('k') | net/http/http_auth_gssapi_posix_unittest.cc » ('j') | net/http/http_auth_handler_factory.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/http/http_auth_gssapi_posix.h" 5 #include "net/http/http_auth_gssapi_posix.h"
6 6
7 #include <limits> 7 #include <limits>
8 #include <string> 8 #include <string>
9 9
10 #include "base/base64.h" 10 #include "base/base64.h"
(...skipping 667 matching lines...) Expand 10 before | Expand all | Expand 10 after
678 } 678 }
679 679
680 bool HttpAuthGSSAPI::AllowsExplicitCredentials() const { 680 bool HttpAuthGSSAPI::AllowsExplicitCredentials() const {
681 return false; 681 return false;
682 } 682 }
683 683
684 void HttpAuthGSSAPI::Delegate() { 684 void HttpAuthGSSAPI::Delegate() {
685 can_delegate_ = true; 685 can_delegate_ = true;
686 } 686 }
687 687
688 HttpAuth::AuthorizationResult HttpAuthGSSAPI::ParseChallenge(
689 HttpAuthChallengeTokenizer* tok) {
690 // Verify the challenge's auth-scheme.
691 if (!base::LowerCaseEqualsASCII(tok->scheme(),
692 base::StringToLowerASCII(scheme_).c_str()))
693 return HttpAuth::AUTHORIZATION_RESULT_INVALID;
694
695 std::string encoded_auth_token = tok->base64_param();
696
697 if (encoded_auth_token.empty()) {
698 // If a context has already been established, an empty Negotiate challenge
699 // should be treated as a rejection of the current attempt.
700 if (scoped_sec_context_.get() != GSS_C_NO_CONTEXT)
701 return HttpAuth::AUTHORIZATION_RESULT_REJECT;
702 DCHECK(decoded_server_auth_token_.empty());
703 return HttpAuth::AUTHORIZATION_RESULT_ACCEPT;
704 } else {
705 // If a context has not already been established, additional tokens should
706 // not be present in the auth challenge.
707 if (scoped_sec_context_.get() == GSS_C_NO_CONTEXT)
708 return HttpAuth::AUTHORIZATION_RESULT_INVALID;
709 }
710
711 // Make sure the additional token is base64 encoded.
712 std::string decoded_auth_token;
713 bool base64_rv = base::Base64Decode(encoded_auth_token, &decoded_auth_token);
714 if (!base64_rv)
715 return HttpAuth::AUTHORIZATION_RESULT_INVALID;
716 decoded_server_auth_token_ = decoded_auth_token;
717 return HttpAuth::AUTHORIZATION_RESULT_ACCEPT;
718 }
719
720 int HttpAuthGSSAPI::GenerateAuthToken(const AuthCredentials* credentials, 688 int HttpAuthGSSAPI::GenerateAuthToken(const AuthCredentials* credentials,
721 const std::string& spn, 689 const std::string& spn,
722 std::string* auth_token) { 690 std::string* auth_token,
691 const CompletionCallback& /*callback*/) {
723 DCHECK(auth_token); 692 DCHECK(auth_token);
724 693
725 gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER; 694 gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER;
726 input_token.length = decoded_server_auth_token_.length(); 695 input_token.length = decoded_server_auth_token_.length();
727 input_token.value = (input_token.length > 0) ? 696 input_token.value = (input_token.length > 0) ?
728 const_cast<char*>(decoded_server_auth_token_.data()) : 697 const_cast<char*>(decoded_server_auth_token_.data()) :
729 NULL; 698 NULL;
730 gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER; 699 gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER;
731 ScopedBuffer scoped_output_token(&output_token, library_); 700 ScopedBuffer scoped_output_token(&output_token, library_);
732 int rv = GetNextSecurityToken(spn, &input_token, &output_token); 701 int rv = GetNextSecurityToken(spn, &input_token, &output_token);
(...skipping 150 matching lines...) Expand 10 before | Expand all | Expand 10 after
883 if (rv != OK) { 852 if (rv != OK) {
884 LOG(ERROR) << "Problem initializing context. \n" 853 LOG(ERROR) << "Problem initializing context. \n"
885 << DisplayExtendedStatus(library_, major_status, minor_status) 854 << DisplayExtendedStatus(library_, major_status, minor_status)
886 << '\n' 855 << '\n'
887 << DescribeContext(library_, scoped_sec_context_.get()); 856 << DescribeContext(library_, scoped_sec_context_.get());
888 } 857 }
889 return rv; 858 return rv;
890 } 859 }
891 860
892 } // namespace net 861 } // namespace net
OLDNEW
« net/android/java/src/org/chromium/net/HttpNegotiateAuthenticator.java ('K') | « net/http/http_auth_gssapi_posix.h ('k') | net/http/http_auth_gssapi_posix_unittest.cc » ('j') | net/http/http_auth_handler_factory.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698