OLD | NEW |
(Empty) | |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "base/base64.h" |
| 6 #include "base/strings/string_util.h" |
| 7 #include "net/http/http_auth_challenge_tokenizer.h" |
| 8 #include "net/http/http_auth_multi_round_parse.h" |
| 9 |
| 10 namespace net { |
| 11 |
| 12 namespace { |
| 13 |
| 14 // Check that the scheme in the challenge matches the expected scheme |
| 15 bool SchemeIsValid(const std::string& scheme, |
| 16 HttpAuthChallengeTokenizer* challenge) { |
| 17 // There is no guarantee that challenge->scheme() is valid ASCII, but |
| 18 // LowerCaseEqualsASCII will do the right thing even if it isn't. |
| 19 return base::LowerCaseEqualsASCII(challenge->scheme(), |
| 20 base::StringToLowerASCII(scheme).c_str()); |
| 21 } |
| 22 |
| 23 } // namespace |
| 24 |
| 25 HttpAuth::AuthorizationResult ParseFirstRoundChallenge( |
| 26 const std::string& scheme, |
| 27 HttpAuthChallengeTokenizer* challenge) { |
| 28 // Verify the challenge's auth-scheme. |
| 29 if (!SchemeIsValid(scheme, challenge)) |
| 30 return HttpAuth::AUTHORIZATION_RESULT_INVALID; |
| 31 |
| 32 std::string encoded_auth_token = challenge->base64_param(); |
| 33 if (!encoded_auth_token.empty()) { |
| 34 return HttpAuth::AUTHORIZATION_RESULT_INVALID; |
| 35 } |
| 36 return HttpAuth::AUTHORIZATION_RESULT_ACCEPT; |
| 37 } |
| 38 |
| 39 HttpAuth::AuthorizationResult ParseLaterRoundChallenge( |
| 40 const std::string& scheme, |
| 41 HttpAuthChallengeTokenizer* challenge, |
| 42 std::string* encoded_token, |
| 43 std::string* decoded_token) { |
| 44 // Verify the challenge's auth-scheme. |
| 45 if (!SchemeIsValid(scheme, challenge)) |
| 46 return HttpAuth::AUTHORIZATION_RESULT_INVALID; |
| 47 |
| 48 *encoded_token = challenge->base64_param(); |
| 49 if (encoded_token->empty()) |
| 50 return HttpAuth::AUTHORIZATION_RESULT_REJECT; |
| 51 |
| 52 // Make sure the additional token is base64 encoded. |
| 53 if (!base::Base64Decode(*encoded_token, decoded_token)) |
| 54 return HttpAuth::AUTHORIZATION_RESULT_INVALID; |
| 55 return HttpAuth::AUTHORIZATION_RESULT_ACCEPT; |
| 56 } |
| 57 |
| 58 } // namespace net |
OLD | NEW |