OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // See "SSPI Sample Application" at | 5 // See "SSPI Sample Application" at |
6 // http://msdn.microsoft.com/en-us/library/aa918273.aspx | 6 // http://msdn.microsoft.com/en-us/library/aa918273.aspx |
7 | 7 |
8 #include "net/http/http_auth_sspi_win.h" | 8 #include "net/http/http_auth_sspi_win.h" |
9 | 9 |
10 #include "base/base64.h" | 10 #include "base/base64.h" |
(...skipping 262 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
273 can_delegate_ = true; | 273 can_delegate_ = true; |
274 } | 274 } |
275 | 275 |
276 void HttpAuthSSPI::ResetSecurityContext() { | 276 void HttpAuthSSPI::ResetSecurityContext() { |
277 if (SecIsValidHandle(&ctxt_)) { | 277 if (SecIsValidHandle(&ctxt_)) { |
278 library_->DeleteSecurityContext(&ctxt_); | 278 library_->DeleteSecurityContext(&ctxt_); |
279 SecInvalidateHandle(&ctxt_); | 279 SecInvalidateHandle(&ctxt_); |
280 } | 280 } |
281 } | 281 } |
282 | 282 |
283 HttpAuth::AuthorizationResult HttpAuthSSPI::ParseChallenge( | |
284 HttpAuthChallengeTokenizer* tok) { | |
285 // Verify the challenge's auth-scheme. | |
286 if (!base::LowerCaseEqualsASCII(tok->scheme(), | |
287 base::StringToLowerASCII(scheme_).c_str())) | |
288 return HttpAuth::AUTHORIZATION_RESULT_INVALID; | |
289 | |
290 std::string encoded_auth_token = tok->base64_param(); | |
291 if (encoded_auth_token.empty()) { | |
292 // If a context has already been established, an empty challenge | |
293 // should be treated as a rejection of the current attempt. | |
294 if (SecIsValidHandle(&ctxt_)) | |
295 return HttpAuth::AUTHORIZATION_RESULT_REJECT; | |
296 DCHECK(decoded_server_auth_token_.empty()); | |
297 return HttpAuth::AUTHORIZATION_RESULT_ACCEPT; | |
298 } else { | |
299 // If a context has not already been established, additional tokens should | |
300 // not be present in the auth challenge. | |
301 if (!SecIsValidHandle(&ctxt_)) | |
302 return HttpAuth::AUTHORIZATION_RESULT_INVALID; | |
303 } | |
304 | |
305 std::string decoded_auth_token; | |
306 bool base64_rv = base::Base64Decode(encoded_auth_token, &decoded_auth_token); | |
307 if (!base64_rv) | |
308 return HttpAuth::AUTHORIZATION_RESULT_INVALID; | |
309 decoded_server_auth_token_ = decoded_auth_token; | |
310 return HttpAuth::AUTHORIZATION_RESULT_ACCEPT; | |
311 } | |
312 | |
313 int HttpAuthSSPI::GenerateAuthToken(const AuthCredentials* credentials, | 283 int HttpAuthSSPI::GenerateAuthToken(const AuthCredentials* credentials, |
314 const std::string& spn, | 284 const std::string& spn, |
315 std::string* auth_token) { | 285 std::string* auth_token, |
| 286 const CompletionCallback& /*callback*/) { |
316 // Initial challenge. | 287 // Initial challenge. |
317 if (!SecIsValidHandle(&cred_)) { | 288 if (!SecIsValidHandle(&cred_)) { |
318 int rv = OnFirstRound(credentials); | 289 int rv = OnFirstRound(credentials); |
319 if (rv != OK) | 290 if (rv != OK) |
320 return rv; | 291 return rv; |
321 } | 292 } |
322 | 293 |
323 DCHECK(SecIsValidHandle(&cred_)); | 294 DCHECK(SecIsValidHandle(&cred_)); |
324 void* out_buf; | 295 void* out_buf; |
325 int out_buf_len; | 296 int out_buf_len; |
(...skipping 147 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
473 int token_length = pkg_info->cbMaxToken; | 444 int token_length = pkg_info->cbMaxToken; |
474 status = library->FreeContextBuffer(pkg_info); | 445 status = library->FreeContextBuffer(pkg_info); |
475 rv = MapFreeContextBufferStatusToError(status); | 446 rv = MapFreeContextBufferStatusToError(status); |
476 if (rv != OK) | 447 if (rv != OK) |
477 return rv; | 448 return rv; |
478 *max_token_length = token_length; | 449 *max_token_length = token_length; |
479 return OK; | 450 return OK; |
480 } | 451 } |
481 | 452 |
482 } // namespace net | 453 } // namespace net |
OLD | NEW |