OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "net/http/http_auth_handler_negotiate_parse.h" | |
6 | |
7 #include "base/base64.h" | |
8 #include "base/strings/string_util.h" | |
9 #include "net/http/http_auth_challenge_tokenizer.h" | |
10 | |
11 namespace net { | |
12 | |
13 namespace { | |
14 | |
15 bool schemeValid(const std::string& scheme, | |
Ryan Sleevi
2015/06/29 13:56:45
STYLE: This is not a valid function name (drop-cap
Ryan Sleevi
2015/06/29 13:56:45
document
aberent
2015/07/02 21:13:36
Done.
aberent
2015/07/02 21:13:36
Done.
| |
16 HttpAuthChallengeTokenizer* challenge) { | |
17 // There is no guarantee that challenge->scheme() is valid ASCII, but | |
18 // LowerCaseEqualsASCII will do the right thing even if it isn't. | |
19 return base::LowerCaseEqualsASCII(challenge->scheme(), | |
Ryan Sleevi
2015/06/29 13:56:45
DESIGN: Should you be using base::strcasecmp / str
aberent
2015/07/02 21:13:36
embedded NULs are actually a good reason not to us
| |
20 base::StringToLowerASCII(scheme).c_str()); | |
Ryan Sleevi
2015/06/29 13:56:45
DESIGN: Should you be passing scheme as std::strin
aberent
2015/07/02 21:13:36
Might be better if it were changed everywhere, but
| |
21 } | |
22 | |
23 } // namespace | |
24 | |
25 HttpAuth::AuthorizationResult ParseFirstNegotiateChallenge( | |
26 std::string scheme, | |
27 HttpAuthChallengeTokenizer* challenge) { | |
28 // Verify the challenge's auth-scheme. | |
29 if (!schemeValid(scheme, challenge)) | |
30 return HttpAuth::AUTHORIZATION_RESULT_INVALID; | |
31 | |
32 std::string encoded_auth_token = challenge->base64_param(); | |
33 if (encoded_auth_token.empty()) { | |
34 return HttpAuth::AUTHORIZATION_RESULT_ACCEPT; | |
35 } else { | |
Ryan Sleevi
2015/06/29 13:56:45
no else after return
aberent
2015/07/02 21:13:36
Done.
| |
36 return HttpAuth::AUTHORIZATION_RESULT_INVALID; | |
37 } | |
38 } | |
39 | |
40 HttpAuth::AuthorizationResult ParseAnotherNegotiateChallenge( | |
41 std::string scheme, | |
42 HttpAuthChallengeTokenizer* challenge, | |
43 std::string* encoded_token, | |
44 std::string* decoded_token) { | |
45 // Verify the challenge's auth-scheme. | |
46 if (!schemeValid(scheme, challenge)) | |
47 return HttpAuth::AUTHORIZATION_RESULT_INVALID; | |
48 | |
49 *encoded_token = challenge->base64_param(); | |
50 if (encoded_token->empty()) | |
51 return HttpAuth::AUTHORIZATION_RESULT_REJECT; | |
52 | |
53 // Make sure the additional token is base64 encoded. | |
54 if (!base::Base64Decode(*encoded_token, decoded_token)) | |
55 return HttpAuth::AUTHORIZATION_RESULT_INVALID; | |
56 return HttpAuth::AUTHORIZATION_RESULT_ACCEPT; | |
57 } | |
58 | |
59 } // namespace net | |
OLD | NEW |